Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://atlasglobalvault.com/
Detected Brand
Unknown
Country
International
Confidence
100%
HTTP Status
200
Report ID
19825dc7-383…
Analyzed
2026-06-17 23:50
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15C821F383140767790C7D2E6AA74A7AFB3D1C68ACB279B0AA2F8C3495FDBC45CD40254 |
|
CONTENT
ssdeep
|
192:Xm7b9KbIlWKPXdXabk/fN7XyexArRd/rZUjRL6jpbQ2NJ5v6tYCVA8fA:Xm/92IlWC1SSuQ2NJl6tYC1fA |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c3343c9386e5ba96 |
|
VISUAL
aHash
|
660030707c6c7070 |
|
VISUAL
dHash
|
d460c0c4ccc8c061 |
|
VISUAL
wHash
|
6e1870707e7c78f0 |
|
VISUAL
colorHash
|
38002400000 |
|
VISUAL
cropResistant
|
d460c0c4ccc8c061 |
Code Analysis
Risk Score
82/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Cryptocurrency Drainer
• Target: Web3 Wallet Users
• Method: Malicious wallet connection prompt
• Exfil: JavaScript-based exfiltration to unauthorized remote servers
• Indicators: Obfuscated JS code, unrealistic DeFi stats
• Risk: High (Asset theft)
🔒 Obfuscation Detected
- eval
- fromCharCode
- hex_escape
- unicode_escape
🎯 Kit Endpoints
- auth/login
📡 API Calls Detected
- GET
📊 Risk Score Breakdown
Total Risk Score
95/100
Contributing Factors
JavaScript Obfuscation
Used to hide malicious drainer logic.
DeFi Scam Indicators
Unrealistic yield claims and suspicious wallet connection prompt.
🔬 Comprehensive Threat Analysis
Threat Type
Banking Credential Harvester
Target
General public
Attack Method
obfuscated JavaScript
Exfiltration Channel
Unknown
Risk Assessment
CRITICAL - Automated credential harvesting with Unknown
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
- 54 obfuscation techniques
🏢 Brand Impersonation Analysis
Impersonated Brand
AtLas Global
Fake Service
Crypto Staking/Investment
Fraudulent Claims
⚔️ Attack Methodology
Primary Method: Wallet Drainer
Prompts users to connect a wallet (e.g., MetaMask, TrustWallet) to execute malicious smart contract interactions designed to steal tokens or NFTs.
Secondary Method: Deceptive Marketing
Uses fake prestige and statistics to build false trust with visitors.
Target Blockchain
Ethereum/EVM-compatible
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
atlasglobalvault.com
Registered
2026-04-07
Registrar
Unknown
Status
Active
🤖 AI-Extracted Threat Intelligence
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.