Skip to content

Commit

Permalink
Update and rename microsoft-outlook-ahof57.yml to microsoft-outlook-1…
Browse files Browse the repository at this point in the history
…42e470f.yml
  • Loading branch information
IlluminatiFish authored Jul 14, 2024
1 parent 325c671 commit a866134
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 34 deletions.
27 changes: 27 additions & 0 deletions indicators/microsoft-outlook-142e470f.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
title: Microsoft Outlook Phishing Kit 142e470f
description: |
Detects a phishing kit targeting Microsoft Outlook. Users are being tricked into entering their Microsoft credentials into a fake form. This kit targets Spanish speaking users.
Found as a result of this kit being deployed on Replit.
references:
- https://urlscan.io/result/142e470f-9579-4190-a4a0-9cae5f61df9f/
- https://urlscan.io/result/2e3b1290-d3d0-4cb1-ae45-8b7c3b5a5023/

detection:

htmlContent:
html|contains|all:
- '<input id="clave"'
- '<div style="position:relative; top:0; margin-right:auto;margin-left:auto; z-index:99999">'

assets:
requests|contains|all:
- 'imagen.jpg'
- 'forma.css'


condition: assets and htmlContent

tags:
- kit
- target.microsoft
- target.microsoft_outlook
34 changes: 0 additions & 34 deletions indicators/microsoft-outlook-ahof57.yml

This file was deleted.

0 comments on commit a866134

Please sign in to comment.