Phishing Analysis

🔬 Threat Analysis Report

• Ameaça: Phishing de credenciais
• Alvo: Funcionários/Usuários do Malta Airport
• Método: Falsificação de domínio
• Exfil: Credenciais roubadas
• Indicadores: Domínio incompatível, Campo de formulário
• Risco: Alto

🎯 Kit Endpoints

• https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000001-0000-cff1-ce00-903832305169&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d98292e6-fa3f-ce32-2888-21bc5137cc6d&protectedtoken=true&domain_hint=maltairport.com&nonce=236479803447.ec82d3ed-b372-7cd6-3e42-fcfc13352e79&state=aW5ncmlkLm1pY2FsbGVmQG1hbHRhaXJwb3J0LmNvbQ#
• https://login.microsoftonline.com/common/login#
• https://passwordreset.microsoftonline.com/?ru=https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000001-0000-cff1-ce00-588329030920&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d98292e6-fa3f-ce32-1107-21bc5137cc6d&protectedtoken=true&domain_hint=maltairport.com&nonce=977779769301.ec82d3ed-b372-7cd6-3e42-fcfc13352e79&state=aW5ncmlkLm1pY2FsbGVmQG1hbHRhaXJwb3J0LmNvbQ#
• https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000001-0000-cff1-ce00-347724824671&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d98292e6-fa3f-ce32-3257-21bc5137cc6d&protectedtoken=true&domain_hint=maltairport.com&nonce=764369411043.ec82d3ed-b372-7cd6-3e42-fcfc13352e79&state=aW5ncmlkLm1pY2FsbGVmQG1hbHRhaXJwb3J0LmNvbQ#

Domain Information