Phishing Analysis

🔬 Threat Analysis Report

• Ameaça: Phishing de credenciais
• Alvo: Usuários do Plesk
• Método: Impersonação por meio de formulário de login.
• Exfil: Credenciais.
• Indicadores: Javascript ofuscado, Formulário de login.
• Risco: ALTO

🔒 Obfuscation Detected

• atob
• eval
• fromCharCode
• unescape
• document.write
• hex_escape
• unicode_escape
• base64_strings

🎯 Kit Endpoints

• ${(0,m.default)(`/admin/report/download/file/${encodeURIComponent(n.file)}`)}
• /logout.php
• https://support.plesk.com/hc/en-us/articles/12377667582743-How-to-log-in-to-Plesk-
• log-in
• /login_up.php?modals[cookie-policy-preferences]=true

📡 API Calls Detected

• GET
• https://o447951.ingest.sentry.io/api/4509632503087104/envelope/?sentry_version=7&sentry_key=c1dfb07d783ad5325c245c1fd3725390&sentry_client=sentry.javascript.browser%2F1.33.7
• /admin/copilot/gen-answer
• /modules/notifier/index.php/notifications

Domain Information