Microsoft Phishing Kit be5a6fa

Detects a Microsoft phishing kit targeting Spanish speaking users.

References

https://urlscan.io/result/be5a6faa-f5fc-41e1-8274-4999b5d8c616
https://urlscan.io/result/00495934-edf4-4625-9a35-7955f6df5367

IOK Rule (edit)

title: Microsoft Phishing Kit be5a6fa
description: |
    Detects a Microsoft phishing kit targeting Spanish speaking users.
    
references:
    - https://urlscan.io/result/be5a6faa-f5fc-41e1-8274-4999b5d8c616
    - https://urlscan.io/result/00495934-edf4-4625-9a35-7955f6df5367

detection:

    divClass:
      html|contains: 'class="padree"'

    otherDivClass:
      html|contains: 'class="hijoi"'

    inputFieldClass:
      html|contains: 'class="hijo_uno"'

    logoFileName:
      html|contains: 'for-lt-ie10.png'

    condition: divClass and otherDivClass and inputFieldClass and logoFileName

tags:
  - kit
  - target.microsoft