Microsoft Phishing Kit 544eva7

Recent Detections

None found yet

We've not seen any sites matching this indicator yet. Try scanning a site you think matches this rule:

IOK Rule (edit)

title: Microsoft Phishing Kit 544eva7
description: |
    Detects a Microsoft phishing kit targeting Spanish speaking users.
    
references:
    - https://urlscan.io/result/31fcc1b0-fb7e-4947-94d3-1a4de1700954
    - https://urlscan.io/result/a4edc336-5315-471b-b1d6-4c2486a293fd
    - https://urlscan.io/result/9fad07e2-cb91-4cef-b047-bb5f794eb8c2
    - https://urlscan.io/result/c5c7ff3c-fa7c-47d9-a976-e00ea96b2a1c
    - https://urlscan.io/result/62ccd072-f825-49a8-bb6e-74d74dd7f6c0
    
detection:

    dropDownDividerID:
      html|contains: 'id="dropDownSelect1"'

    validationFunction:
      html|contains: 'soloNumeros'

    fakeSessionID:
      html|contains: '#544eva77'

    condition: dropDownDividerID and validationFunction and fakeSessionID
    
tags:
  - target.microsoft