SafeMode - Analysis: adobe.authorised-support.com

Captura Visual

Screenshot of adobe.authorised-support.com

Informações de Detecção

http://adobe.authorised-support.com/login/CFf9aOkGWsy07i0s-EFU1vq3ThKYAREV3UkY=9CA==/dfeyClRYnL-1gpHBCdJsrrxWw6mYBr3P/

Detected Brand

Adobe

Country

International

Confiança

95%

HTTP Status

200

Report ID

0cb00d16-07e…

Analyzed

2026-03-17 17:32

Final URL (after redirects)

http://adobe.authorised-support.com/login/CFf9aOkGWsy07i0s-EFU1vq3ThKYAREV3UkY=9CA==6V1JZVFNpWllRX1g=/dfeyClRYnL-1gpHBCdJsrrxWw6mYBr3P/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1E6B143B02090BC3B650356E1F3E2B353A2908245D9171643F3F987BD0FE5D2AED925AB
CONTENT ssdeep	96:NJxrJoxLz8z2IVDgvHnc4Go6a1ks1gxYW:NJNJox8rVDgv8ro6a1VKKW

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	93136c64ed6d9236
VISUAL aHash	000c0e0e0e0e04fb
VISUAL dHash	2358585858581826
VISUAL wHash	010f0e0e0e0e0eff
VISUAL colorHash	070000001c0
VISUAL cropResistant	b2a082a0a082a0b2,0000000006040400,2758585858585823

Análise de Código

Risk Score 53/100

Nível de Ameaça ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários Adobe
• Método: Impersonação e coleta de credenciais
• Exfil: Provavelmente para um servidor controlado por atacantes
• Indicadores: Incompatibilidade de domínio, JavaScript ofuscado, formulário de login
• Risco: Alto

🔒 Obfuscation Detected

document.write

📊 Detalhamento da Pontuação de Risco

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain doesn't align with the official Adobe domain.

Form with Sensitive Fields

The site asks for an email address, indicating an attempt to steal credentials.

Obfuscated Javascript

Detection of obfuscated code, a common phishing tactic.

Impersonation

The site uses Adobe branding to create a false sense of legitimacy

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Credential Harvesting Kit

Alvo

Adobe users (International)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltração

Form submission (backend endpoint not detected - likely JavaScript-based)

Avaliação de Risco

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester
1 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

Adobe

Official Website

adobe.com

Fake Service

Adobe Account Login

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The site uses a fake login form to collect user credentials (email address, etc.) by mimicking the Adobe login page. Once the user enters their credentials, they are sent to the attacker.

Secondary Method: Javascript Obfuscation

The Javascript code is obfuscated to make it difficult to detect and understand, which hides malicious activities, like the exfiltration of stolen data.