Phishing Analysis

🔬 Threat Analysis Report

• Threat: Phishing targeting Microsoft users.
• Target: Users of Microsoft services
• Method: Imitates a legitimate Microsoft sign-in page to potentially harvest credentials or redirect to malicious sites.
• Exfil: Unknown, but likely aims to steal credentials or personal information.
• Indicators: The domain pub-84a8b022128b4443a6d59b25513f1cf6.r2.dev, which is not an official Microsoft domain, is hosting the page. The page displays a Microsoft logo and the phrase 'Taking you to your organization's sign-in page'.
• Risk: HIGH - Potential credential theft or malware installation.

🔒 Obfuscation Detected

• atob
• eval
• fromCharCode
• unicode_escape
• base64_strings

📡 API Calls Detected

• ${TW}