Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Informa#U00e7#U00e3o sobre atualiza#U00e7#U00e3o no Portal Cliente #U26a0#Ufe0f.msg
|
CDFV2 Microsoft Outlook Message
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\E6BC998C-0C57-41CD-B836-588A20CAE4C5
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db
|
SQLite 3.x database, last written using SQLite version 3034001, writer version 2, read version 2, file counter 2, database
pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.Word\~WRS{10300F02-9067-48CF-930A-3729C6F5B26A}.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1728899839687428900_9CF63249-EAF1-4A21-9C1D-A12E938496DF.log
|
ASCII text, with very long lines (28733), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1728899839688187300_9CF63249-EAF1-4A21-9C1D-A12E938496DF.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16827_20130-20241014T0557190266-5204.etl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\~DFAAA6D51EDEB12B19.TMP
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Office\MSO3072.acl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Outlook\NoEmail.srs
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
Microsoft Outlook email folder (>=2003)
|
dropped
|
||
|
C:\Users\user\Documents\Outlook Files\~Outlook Data File - NoEmail.pst.tmp
|
data
|
dropped
|
||
|
Chrome Cache Entry: 129
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 130
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 131
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 132
|
PNG image data, 439 x 519, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 133
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x114, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 135
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
HTML document, Unicode text, UTF-8 text, with very long lines (1183)
|
downloaded
|
||
|
Chrome Cache Entry: 137
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 139
|
PNG image data, 164 x 100, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 140
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 439x519, components
3
|
dropped
|
||
|
Chrome Cache Entry: 141
|
PNG image data, 164 x 100, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 142
|
HTML document, Unicode text, UTF-8 text, with very long lines (1477)
|
downloaded
|
||
|
Chrome Cache Entry: 143
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 144
|
PNG image data, 600 x 350, 8-bit/color RGB, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 145
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 146
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x114, components
3
|
dropped
|
||
|
Chrome Cache Entry: 147
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 148
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x114, components
3
|
dropped
|
||
|
Chrome Cache Entry: 149
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 439x519, components
3
|
dropped
|
||
|
Chrome Cache Entry: 150
|
RIFF (little-endian) data, Web/P image
|
downloaded
|
||
|
Chrome Cache Entry: 151
|
RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x114, Scaling: [none]x[none], YUV color, decoders should clamp
|
downloaded
|
||
|
Chrome Cache Entry: 152
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 153
|
PNG image data, 439 x 519, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 154
|
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 100x100, components
3
|
dropped
|
||
|
Chrome Cache Entry: 155
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 439x519, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 156
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 157
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 439x519, components
3
|
downloaded
|
||
|
Chrome Cache Entry: 158
|
PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 36 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
|
"C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" /f "C:\Users\user\Desktop\Informa#U00e7#U00e3o sobre atualiza#U00e7#U00e3o
no Portal Cliente #U26a0#Ufe0f.msg"
|
||
|
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe
|
"C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ai.exe" "A30EC4E3-A653-4B7A-B9D8-73E9E2230F2C"
"88BE490B-45D3-438E-894B-BC49A945E4B6" "5204" "C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE" "WordCombinedFloatieLreOnline.onnx"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://d39vnq04.eu1.hubspotlinks.com/Ctc/DP+113/d39vnq04/VVJNkt5B8l83W36Mw9F26PtFtW5g6HvJ5m7kFkN1n_9Zj5nXHsW8wM7ks6lZ3kPW43F0KM83fTV3W6-72q54XMm6RW2r0F7w5RqFjRN1cg5JdQQVBvW98xQ8h7p5rKDW2_b-2v7Tg9Y9N3PdFbnN1vD0N76tqFj4lGfRW4XcZ4Z3h-qymW7xfF4v1wTQWrW4x2hrh3mx3T-W8S2k5m89m-Q9W2C9dtK5qPQWBW5bcQx18dCG9WW5CtmLz7rc-lqW8xfNkq7c0sNdW5F57S92n6yZvW2Q3p5q7FnnvnN11m78GXqL9PVwsBQp81kZlFW2bFNH755rk9FW6WdsyK8-RqJnW7f_7W32jZ9GzW6zXL6L1JtyyqW7Vb0bF3kgttPW3xyvQv3NXx1KW7cBS6W4VgPS9W6Ts6n28M01mvV19wnH3ZRNfkW821nys2yM5RSMLMPsRCqd0RN6ql3D9wsnQ_W5nJMsz95GqbjW5wwl7v2fYJrDW14N7cT2QcSq_W68B3bW1S1kcTW7kPFvH5NDpmvW9dRrYW4y9Xq2W2S9dxz1h8gxrW4DR4pT7l5GB9VrPTRh3pYq7WW89KkN03TKL2_W9dGp_l2Xx7twVkSNr84CgX2Kf1k5FqR04
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1924,i,585519785514072690,12173441092943804254,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://shell.suite.office.com:1443
|
unknown
|
||
|
https://designerapp.azurewebsites.net
|
unknown
|
||
|
https://autodiscover-s.outlook.com/
|
unknown
|
||
|
https://useraudit.o365auditrealtimeingestion.manage.office.com
|
unknown
|
||
|
https://outlook.office365.com/connectors
|
unknown
|
||
|
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
|
unknown
|
||
|
https://cdn.entity.
|
unknown
|
||
|
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
|
unknown
|
||
|
https://rpsticket.partnerservices.getmicrosoftkey.com
|
unknown
|
||
|
https://lookup.onenote.com/lookup/geolocation/v1
|
unknown
|
||
|
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/linkedin-1.jpg
|
107.162.184.232
|
||
|
https://api.aadrm.com/
|
unknown
|
||
|
https://canary.designerapp.
|
unknown
|
||
|
https://www.yammer.com
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/apple-1.png
|
107.162.184.232
|
||
|
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
|
unknown
|
||
|
https://api.microsoftstream.com/api/
|
unknown
|
||
|
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
|
unknown
|
||
|
https://cr.office.com
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/cinco-estrelas-1.jpg
|
107.162.184.232
|
||
|
https://messagebroker.mobile.m365.svc.cloud.microsoft
|
unknown
|
||
|
https://otelrules.svc.static.microsoft
|
unknown
|
||
|
https://edge.skype.com/registrar/prod
|
unknown
|
||
|
https://hs-27003262.f.hubspotemail-eu1.net/hub/27003262/hubfs/Group%201%20(1).jpg?upscale=true&w
|
unknown
|
||
|
https://res.getmicrosoftkey.com/api/redemptionevents
|
unknown
|
||
|
https://tasks.office.com
|
unknown
|
||
|
https://officeci.azurewebsites.net/api/
|
unknown
|
||
|
https://my.microsoftpersonalcontent.com
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/superbrands-1.jpg
|
107.162.184.232
|
||
|
https://store.office.cn/addinstemplate
|
unknown
|
||
|
https://edge.skype.com/rps
|
unknown
|
||
|
https://messaging.engagement.office.com/
|
unknown
|
||
|
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
|
unknown
|
||
|
https://www.odwebp.svc.ms
|
unknown
|
||
|
https://api.powerbi.com/v1.0/myorg/groups
|
unknown
|
||
|
https://web.microsoftstream.com/video/
|
unknown
|
||
|
https://api.addins.store.officeppe.com/addinstemplate
|
unknown
|
||
|
https://graph.windows.net
|
unknown
|
||
|
https://consent.config.office.com/consentcheckin/v1.0/consents
|
unknown
|
||
|
https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
|
unknown
|
||
|
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
|
unknown
|
||
|
https://hs-27003262.f.hubspotemail-eu1.net/hub/27003262/hubfs/Header%20email.png?upscale=true&wi
|
unknown
|
||
|
https://d.docs.live.net
|
unknown
|
||
|
https://safelinks.protection.outlook.com/api/GetPolicy
|
unknown
|
||
|
https://ncus.contentsync.
|
unknown
|
||
|
https://policy.hubspot.com/abuse-complaints)
|
unknown
|
||
|
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
|
unknown
|
||
|
http://weather.service.msn.com/data.aspx
|
unknown
|
||
|
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
|
unknown
|
||
|
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
|
unknown
|
||
|
https://mss.office.com
|
unknown
|
||
|
https://pushchannel.1drv.ms
|
unknown
|
||
|
https://wus2.contentsync.
|
unknown
|
||
|
https://hs-27003262.f.hubspotemail-eu1.net/hub/27003262/hubfs/Header%20email.png?upscale=true&width=1200&upscale=true&name=Header%20email.png
|
172.65.249.76
|
||
|
https://clients.config.office.net/user/v1.0/ios
|
unknown
|
||
|
https://api.addins.omex.office.net/api/addins/search
|
unknown
|
||
|
https://outlook.office365.com/api/v1.0/me/Activities
|
unknown
|
||
|
https://hs-27003262.f.hubspotemail-eu1.net/hub/27003262/hubfs/Header%20email.png?width=1200&upscale=
|
unknown
|
||
|
https://clients.config.office.net/user/v1.0/android/policies
|
unknown
|
||
|
https://entitlement.diagnostics.office.com
|
unknown
|
||
|
https://edenred.pt/novidades/edenred/edenred-distinguida-com-premio-cinco-estrelas-pelo-segundo-ano-
|
unknown
|
||
|
https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
|
unknown
|
||
|
https://edenred.pt/wp-content/uploads/2022/01/logo-edenred.png
|
107.162.184.232
|
||
|
https://outlook.office.com/
|
unknown
|
||
|
https://storage.live.com/clientlogs/uploadlocation
|
unknown
|
||
|
https://login.microsoftonline.com
|
unknown
|
||
|
https://substrate.office.com/search/api/v1/SearchHistory
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/app-gallery-1.png
|
107.162.184.232
|
||
|
https://hs-27003262.s.hubspotemail-eu1.net/hs/preferences-center/pt/direct?data=W2nVjwf3Y2x9wW45pqxC
|
unknown
|
||
|
https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
|
unknown
|
||
|
https://hs-27003262.s.hubspotemail-eu1.net/subscription-preferences/v2/unsubscribe-all?data=W2nVjwf3
|
unknown
|
||
|
https://service.powerapps.com
|
unknown
|
||
|
https://graph.windows.net/
|
unknown
|
||
|
https://devnull.onenote.com
|
unknown
|
||
|
https://messaging.office.com/
|
unknown
|
||
|
https://appgallery.huawei.com/app/C101543449?utm_campaign=Users%20-%20Digest&utm_medium=email&am
|
unknown
|
||
|
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
|
unknown
|
||
|
https://skyapi.live.net/Activity/
|
unknown
|
||
|
https://api.cortana.ai
|
unknown
|
||
|
https://messaging.action.office.com/setcampaignaction
|
unknown
|
||
|
https://visio.uservoice.com/forums/368202-visio-on-devices
|
unknown
|
||
|
https://staging.cortana.ai
|
unknown
|
||
|
https://onedrive.live.com/embed?
|
unknown
|
||
|
https://augloop.office.com
|
unknown
|
||
|
https://hs-27003262.f.hubspotemail-eu1.net/hub/27003262/hubfs/Group%201%20(1).jpg?upscale=true&width=1200&upscale=true&name=Group%201%20(1).jpg
|
172.65.249.76
|
||
|
http://cliente.edenred.pt/?utm_campaign=MFA%20Portal%20Cliente&utm_source=hs_email&utm_mediu
|
unknown
|
||
|
https://api.diagnosticssdf.office.com/v2/file
|
unknown
|
||
|
https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
|
unknown
|
||
|
https://officepyservice.office.net/
|
unknown
|
||
|
https://api.diagnostics.office.com
|
unknown
|
||
|
https://www.edenred.pt/wp-content/uploads/2024/01/instagram-1.jpg
|
107.162.184.232
|
||
|
https://store.office.de/addinstemplate
|
unknown
|
||
|
https://www.instagram.com/edenred.portugal/?utm_campaign=Users%20-%20Digest&utm_medium=email&
|
unknown
|
||
|
https://wus2.pagecontentsync.
|
unknown
|
||
|
https://api.powerbi.com/v1.0/myorg/datasets
|
unknown
|
||
|
https://cortana.ai/api
|
unknown
|
||
|
https://api.diagnosticssdf.office.com
|
unknown
|
||
|
https://d39vnq04.eu1.hubspotlinks.com/events/public/v1/encoded/track/tc/DP
|
unknown
|
||
|
https://login.microsoftonline.com/
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
63e60b3a034d44d3a1fab576330c600e.pacloudflare.com
|
172.65.220.77
|
||
|
61f25580d9864b27b5f1ee2d435ed67e.pacloudflare.com
|
172.65.249.76
|
||
|
27003262.fs1.hubspotusercontent-eu1.net
|
141.101.90.96
|
||
|
edenred.pt
|
107.162.184.232
|
||
|
27003262.hs-sites-eu1.com
|
141.101.90.96
|
||
|
www.google.com
|
142.250.186.36
|
||
|
www.edenred.pt
|
107.162.184.232
|
||
|
hs-27003262.f.hubspotemail-eu1.net
|
unknown
|
||
|
d39vnq04.eu1.hubspotlinks.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
142.250.186.36
|
www.google.com
|
United States
|
||
|
141.101.90.96
|
27003262.fs1.hubspotusercontent-eu1.net
|
European Union
|
||
|
192.168.2.7
|
unknown
|
unknown
|
||
|
107.162.184.232
|
edenred.pt
|
United States
|
||
|
172.65.249.76
|
61f25580d9864b27b5f1ee2d435ed67e.pacloudflare.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.186.164
|
unknown
|
United States
|
||
|
172.65.220.77
|
63e60b3a034d44d3a1fab576330c600e.pacloudflare.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
|
CantBootResolution
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
|
ProfileBeingOpened
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
|
SessionId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsDataPreviousSession
|
BootDiagnosticsLogFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics
|
OutlookBootFlag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
ay5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
|
SessionId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
|
ProfileBeingOpened
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings
|
Accounts
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Licensing
|
EligibleForExtendedGrace
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Wizards
|
PageSize
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\MailSettings
|
Template
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Options
|
WMACUpdated
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Options
|
DefaultKerningLigatures
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\1e\417C44EB
|
@%SystemRoot%\system32\mlang.dll,-4608
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
HyphenationFiles_1033
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
000b046b
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
|
BootDiagnosticsLogFile
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData
|
CantBootResolution
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
|
global_AccountSignaturesDialogOpen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
,d5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Display Types\Balloons
|
HWND64ForOrphanedNotIcon
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\ColleagueImport.ColleagueImportAddin
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\Microsoft.VbaAddinForOutlook.1
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
;d5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OneNote.OutlookAddin
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
kd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\OscAddin.Connect
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
kd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\UCAddin.LyncAddin.1
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
zd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Addins\UmOutlookAddin.FormRegionAddin
|
1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
zd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
jd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
jd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems
|
jd5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Search
|
IndexAvailableBody
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncingWithOwnershipV5
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncingWithOwnershipV4
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncingWithOwnershipV3
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings\Data
|
global_AccountsNeedResyncingWithOwnership
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\AddinClassifier
|
a4922304f05a0caf296a5dab7d32866b
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\3517490d76624c419a828607e2a54604
|
001f6000
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\UserInfo
|
SharingMachineID
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
000b049c
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
001f0433
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
000b0465
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00FAEE371DF
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Volatile
|
MsaDevice
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet
|
UseRWHlinkNavigation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet
|
UseRWOSHlinkNavigation
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9207f3e0a3b11019908b08002b2a56c2
|
11023d05
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Word\Security\Trusted Documents
|
LastPurgeTime
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\ClientTelemetry\Sampling
|
6
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Logging
|
NULL
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Usage
|
OutlookMAPI2
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common
|
SessionId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Experiment\outlook
|
EcsRequestPending
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Usage
|
OutlookMAPI2Intl_1033
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\0a0d020000000000c000000000000046
|
00030429
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
LastChangeVer
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry
|
CacheSyncCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
LastChangeVer
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
HyphenationFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
HyphenationFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
HyphenationFiles_1033
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\ColleagueImport.ColleagueImportAddin
|
LoadCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
FilePath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
StartDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=8192&uilcid=1033&build=16.0.16827&crev=3\0
|
EndDate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
|
ColleagueImport.ColleagueImportAddin
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\OneNote.OutlookAddin
|
LoadCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-CH
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
|
en-GB
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
|
OneNote.OutlookAddin
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\OscAddin.Connect
|
LoadCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
|
OscAddin.Connect
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\UCAddin.LyncAddin.1
|
LoadCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
|
UCAddin.LyncAddin.1
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\AddinsData\UmOutlookAddin.FormRegionAddin
|
LoadCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AddInLoadTimes
|
UmOutlookAddin.FormRegionAddin
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
{ED475418-B0D6-11D2-8C3B-00104B2A6676}
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
LastChangeVer
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook
|
Expires
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook
|
ETag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Common\CrashPersistence\OUTLOOK\5204
|
0
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F10090400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1033
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100C0400000000000F01FEC\Usage
|
SpellingAndGrammarFiles_1036
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F100A0C00000000000F01FEC\Usage
|
SpellingAndGrammarFiles_3082
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Profiles\NoEmail\9375CFF0413111d3B88A00104B2A6676
|
LastChangeVer
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\Search\Catalog
|
C:\Users\user\Documents\Outlook Files\Outlook Data File - NoEmail.pst
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Settings
|
Accounts
|
There are 127 hidden registries, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://27003262.hs-sites-eu1.com/informa%C3%A7%C3%A3o-sobre-atualiza%C3%A7%C3%A3o-no-portal-cliente-%E2%9A%A0%EF%B8%8F?ecid=AOKeC1bLyOZj9_NJ4Kz9NKQS_ZaLkkDFNsgv1PuIqJ2wvGPCRJcNHKTMYPPESNZczf1BXTvt362c&utm_campaign=MFA%20Portal%20Cliente&utm_medium=email&_hsenc=p2ANqtz-9kZXqHqHi8k8amCmOJHNWSbLWCGNe05dCIBhdGaJfUyHrQazcM5pEYQ74eSQco_NzdLXZGpspdTYLPqDSwgF1Igjpdig&_hsmi=96739534&utm_content=96739534&utm_source=hs_email
|
||
|
https://27003262.hs-sites-eu1.com/informa%C3%A7%C3%A3o-sobre-atualiza%C3%A7%C3%A3o-no-portal-cliente-%E2%9A%A0%EF%B8%8F?ecid=AOKeC1bLyOZj9_NJ4Kz9NKQS_ZaLkkDFNsgv1PuIqJ2wvGPCRJcNHKTMYPPESNZczf1BXTvt362c&utm_campaign=MFA%20Portal%20Cliente&utm_medium=email&_hsenc=p2ANqtz-9kZXqHqHi8k8amCmOJHNWSbLWCGNe05dCIBhdGaJfUyHrQazcM5pEYQ74eSQco_NzdLXZGpspdTYLPqDSwgF1Igjpdig&_hsmi=96739534&utm_content=96739534&utm_source=hs_email
|