SafeMode - Analysis: channelhub.online

Captura Visual

Informações de Detecção

https://channelhub.online/ie0898b1b6992a4e4btb42b5e12j0fa4fce8.html

Detected Brand

Microsoft

Country

International

Confiança

95%

HTTP Status

200

Report ID

d9d8f65d-c8c…

Analyzed

2026-01-25 18:13

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T106D100316040AD3712D3D6D8B3B56B1B3384C205DE8757AA97E8C39E4EFBE61CC19292
CONTENT ssdeep	96:qvWFAzQgIeu0nPK/AmvUAK5KbdPs/l+veRzKDafEAD9NltZdSsTZS4W5QQOGAM2B:3gI0/lnRWDeZ9NVhW5UEIf

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9c497326cc99d966
VISUAL aHash	180018181d1f1f9f
VISUAL dHash	7161713325727d38
VISUAL wHash	191818181f1f1fff
VISUAL colorHash	07000000180
VISUAL cropResistant	7161713325727d38

Análise de Código

Risk Score 63/100

Nível de Ameaça ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Ameaça: Kit de phishing para roubo de credenciais
• Alvo: Usuários da Microsoft globalmente
• Método: Formulário falso que rouba credenciais de email, telefone ou Skype
• Exfil: Possível exfiltração de dados via JavaScript ofuscado
• Indicadores: Domínio não relacionado, discrepância de domínio, formulário de phishing
• Risco: ALTO - Roubo imediato de credenciais

🔒 Obfuscation Detected

atob

📊 Detalhamento da Pontuação de Risco

Total Risk Score

85/100

Contributing Factors

Active Phishing Kit

Detected Credential Harvester kit targeting Microsoft credentials with form fields for email, phone, or Skype.

Brand Impersonation

Impersonates Microsoft, a high-value target for credential harvesting and account takeover.

Obfuscation Techniques

Detected 1 obfuscation technique, indicating attempts to evade detection.

Lack of External Services

No Telegram bots, Discord webhooks, or WebSocket URLs detected, reducing immediate exfiltration risk but not eliminating it.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Credential Theft (Fake Microsoft Login)

Alvo

Microsoft users (International)

Canal de Exfiltração

N/A (Landing page - no direct data collection)

🏢 Análise de Falsificação de Marca

Impersonated Brand

Microsoft

Official Website

https://www.microsoft.com

Fake Service

Microsoft account login verification

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The phishing kit presents a fake Microsoft login page to capture user credentials (email, phone, or Skype) via a form submission. The harvested data is likely transmitted to a backend server controlled by the attacker for immediate use or sale.

Secondary Method: Account Takeover

Once credentials are harvested, attackers can gain unauthorized access to Microsoft accounts, enabling further exploitation such as data theft, financial fraud, or lateral movement within corporate networks.