SafeMode - Analysis: adobe.authorised-support.com

Captura Visual

Screenshot of adobe.authorised-support.com

Información de Detección

http://adobe.authorised-support.com/login/CFf9aOkGWsy07i0s-EFU1vq3ThKYAREV3UkY=9CA==/dfeyClRYnL-1gpHBCdJsrrxWw6mYBr3P/

Detected Brand

Adobe

Country

International

Confianza

95%

HTTP Status

200

Report ID

0cb00d16-07e…

Analyzed

2026-03-17 17:32

Final URL (after redirects)

http://adobe.authorised-support.com/login/CFf9aOkGWsy07i0s-EFU1vq3ThKYAREV3UkY=9CA==6V1JZVFNpWllRX1g=/dfeyClRYnL-1gpHBCdJsrrxWw6mYBr3P/

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1E6B143B02090BC3B650356E1F3E2B353A2908245D9171643F3F987BD0FE5D2AED925AB
CONTENT ssdeep	96:NJxrJoxLz8z2IVDgvHnc4Go6a1ks1gxYW:NJNJox8rVDgv8ro6a1VKKW

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	93136c64ed6d9236
VISUAL aHash	000c0e0e0e0e04fb
VISUAL dHash	2358585858581826
VISUAL wHash	010f0e0e0e0e0eff
VISUAL colorHash	070000001c0
VISUAL cropResistant	b2a082a0a082a0b2,0000000006040400,2758585858585823

Análisis de Código

Risk Score 53/100

Nivel de Amenaza ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Adobe
• Método: Suplantación de identidad y recopilación de credenciales
• Exfil: Probablemente a un servidor controlado por atacantes
• Indicadores: Discordancia de dominio, JavaScript ofuscado, formulario de inicio de sesión
• Riesgo: Alto

🔒 Obfuscation Detected

document.write

📊 Desglose de Puntuación de Riesgo

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain doesn't align with the official Adobe domain.

Form with Sensitive Fields

The site asks for an email address, indicating an attempt to steal credentials.

Obfuscated Javascript

Detection of obfuscated code, a common phishing tactic.

Impersonation

The site uses Adobe branding to create a false sense of legitimacy

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Credential Harvesting Kit

Objetivo

Adobe users (International)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltración

Form submission (backend endpoint not detected - likely JavaScript-based)

Evaluación de Riesgo

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester
1 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

Adobe

Official Website

adobe.com

Fake Service

Adobe Account Login

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The site uses a fake login form to collect user credentials (email address, etc.) by mimicking the Adobe login page. Once the user enters their credentials, they are sent to the attacker.

Secondary Method: Javascript Obfuscation

The Javascript code is obfuscated to make it difficult to detect and understand, which hides malicious activities, like the exfiltration of stolen data.