Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
https://login.microsoftonline.us.office.rp1.abangaritest.govshn.net/common/oauth2/v2.0/authorize?client_id=2ddfbe71-ed12-4123-b99b-d5fc8a062a79&redirect_uri=https://admin.gov.teams.microsoft.us.office.rp1.abangaritest.govshn.net/signin-oidc&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637772685657310557.odkwmwjkymytmdjkmi00nza4lthhmmutywuxogy1zmu5nzy0mjkxnzaxmtatmda5my00njy5lweznmqtndlkmdg5nmnmnzhl&post_logout_redirect_uri=https://admin.gov.teams.microsoft.us.office.rp1.abangaritest.govshn.net&msafed=0&state=cfdj8pc3mn3dqkxdletsooxw7-yvcdypvi5n1ff9tgpwonxd-8hmmntko03yv9bycrw_euvq6xf7h5oivcpbqu2bek32hxaywqotyvt5xbdcdbenmri2z3of8hw0az4a8vf-ktwfzjiveii4qq7gjxr18j_x9ozfsupezjzrnqwylcl8qpo7u4m55tijxpuax2yydddhiowubmgadx6tai_nfhgy8awq4p2yxger5386sgd7usuihwyapfcolwhdl-tgi9imqmzxfsdteolr8ppfehaju5agj5dplvc01uyvygtm2kbhxlsyzg4cbrvn1ztv0yoehnfdsvsebqicunatxq9uh-j_p_rl8jnvopmlyxvids4knkfgwlqttqcjhbuocbdaym_qnh4sfl7a6lzpuyhek0ujav-h-n41zg-9nxhdoavmsy4flfitghn8c8xfia&x-client-sku=id_net461&x-client-ver=5.6.0.0
Detected Brand
Microsoft
Country
International
Confiança
100%
HTTP Status
200
Report ID
d3a0b22e-a07…
Analyzed
2025-12-28 20:15
Final URL (after redirects)
https://login.microsoftonline.us.office.rp1.abangaritest.govshn.net/common/oauth2/v2.0/authorize?client_id=2ddfbe71-ed12-4123-b99b-d5fc8a062a79&redirect_uri=https://admin.gov.teams.microsoft.us.office.rp1.abangaritest.govshn.net/signin-oidc&response_type=code%20id_token&scope=openid%20profile&response_mode=form_post&nonce=637772685657310557.odkwmwjkymytmdjkmi00nza4lthhmmutywuxogy1zmu5nzy0mjkxnzaxmtatmda5my00njy5lweznmqtndlkmdg5nmnmnzhl&post_logout_redirect_uri=https://admin.gov.teams.microsoft.us.office.rp1.abangaritest.govshn.net&msafed=0&state=cfdj8pc3mn3dqkxdletsooxw7-yvcdypvi5n1ff9tgpwonxd-8hmmntko03yv9bycrw_euvq6xf7h5oivcpbqu2bek32hxaywqotyvt5xbdcdbenmri2z3of8hw0az4a8vf-ktwfzjiveii4qq7gjxr18j_x9ozfsupezjzrnqwylcl8qpo7u4m55tijxpuax2yydddhiowubmgadx6tai_nfhgy8awq4p2yxger5386sgd7usuihwyapfcolwhdl-tgi9imqmzxfsdteolr8ppfehaju5agj5dplvc01uyvygtm2kbhxlsyzg4cbrvn1ztv0yoehnfdsvsebqicunatxq9uh-j_p_rl8jnvopmlyxvids4knkfgwlqttqcjhbuocbdaym_qnh4sfl7a6lzpuyhek0ujav-h-n41zg-9nxhdoavmsy4flfitghn8c8xfia&x-client-sku=id_net461&x-client-ver=5.6.0.0&sso_reload=true
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1089208B1B410783B829BC5FEF235E9012758E544D34B5FB5E9AC83CD18D791CE93252A |
|
CONTENT
ssdeep
|
192:QjJqO7UH89ZaP7seoxvb5aOLa7QodSOqF4a5Sl1vp2P5+G:pO747seoxrLCQu3a41U5+G |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8459717666d95966 |
|
VISUAL
aHash
|
0000383b37373737 |
|
VISUAL
dHash
|
88e4d2d3e5eee6e6 |
|
VISUAL
wHash
|
00003b3f373f3737 |
Análise de Código
Risk Score
100/100
Nível de Ameaça
CRITICAL
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Ameaça: Ataque de phishing de coleta de credenciais direcionado a usuários da Microsoft.
• Alvo: Usuários da Microsoft, provavelmente direcionados a funcionários do governo devido ao subdomínio '.govshn.net'.
• Método: Página de login falsa da Microsoft para roubar e-mail/telefone e senha.
• Exfil: Desconhecido, mas provavelmente enviado para um servidor controlado pelo invasor.
• Indicadores: Discordância de domínio, nome de domínio suspeito (abangaritest.govshn.net), formulário de login.
• Risco: CRÍTICO - Roubo de credenciais em tempo real que leva ao comprometimento da conta.
🔐 Credential Harvesting Forms
📤 Form Action Targets
- https://login.microsoftonline.us.office.rp1.abangaritest.govshn.net/common/login
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for login.microsoftonline.us.office.rp1.abangaritest.govshn.net
Found 10 other scans for this domain
-
http://login.microsoftonline.us.office.rp1.abangar...
http://login.microsoftonline.us.office.rp1.abangar...
http://login.microsoftonline.us.office.rp1.abangar...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.