Phishing Analysis

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários Microsoft
• Método:  Impersonação e ofuscação JavaScript
• Exfil: Desconhecido (provavelmente credenciais)
• Indicadores: Domínio não relacionado, ofuscação JavaScript, mensagem de sessão inválida.
• Risco: ALTO

🔒 Obfuscation Detected

• atob
• eval
• fromCharCode
• unicode_escape
• base64_strings

🎯 Kit Endpoints

• https://evilmartians.com/chronicles/postcss-8-plugin-migration`),m.env.LANG&&m.env.LANG.startsWith(
• https://tailwindcss.com/docs/content-configuration#safelisting-classes
• https://tailwindcss.com`}),...e.nodes])},container:(()=
• https://tailwindcss.com/docs/content-configuration
• https://mths.be/cssesc
• https://tailwindcss.com/docs/content-configuration#discarding-classes
• https://tailwindcss.com/docs/upgrade-guide#prefix-cannot-be-a-function
• https://tailwindcss.com/docs/upgrade-guide#configure-content-sources
• https://tailwindcss.com/docs/using-with-preprocessors#nesting
• https://cdn.tailwindcss.com
• https://tailwindcss.com/docs/upgrade-guide#remove-dark-mode-configuration
• https://www.w3ctech.com/topic/2226`));let
• https://spline.design/?utm_source=spline-viewer&utm_campaign=spline-logo
• https://tailwindcss.com/docs/content-configuration#pattern-recommendations
• https://twitter.com/browserslist
• https://tailwindcss.com/docs/upgrade-guide#replace-variants-with-layer
• https://tailwindcss.com/docs/installation

📡 API Calls Detected

• ${TW}

🦠 Malicious Files