SafeMode - Analysis: credi-emprende-ec.xo.je

Visual Capture

Detection Info

https://credi-emprende-ec.xo.je/

Detected Brand

Banco Pichincha

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

1ec2ed3a-361…

Analyzed

2026-05-11 23:54

Final URL (after redirects)

https://credi-emprende-ec.xo.je/?i=1

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1B821DCF58141E827ABA2D0A141A1F75EB0D5C2C4D68B4F4A52E9928857DBCF8CEE1D82
CONTENT ssdeep	24:hWCHvCTMZj1Xz5chQluF0OY3NT+CiYMtF9:jpFdOGUFHY3ZhML9

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	b33399cc269999cc
VISUAL aHash	e7e7e7e7e7ffffff
VISUAL dHash	4c4c4c4d2c300800
VISUAL wHash	2424242427033f3f
VISUAL colorHash	07001038000
VISUAL cropResistant	4c4c4c4d2c300800

Code Analysis

Threat Level ALTO

⚠️ Phishing Confirmed

📊 Risk Score Breakdown

Total Risk Score

40/100

🔬 Comprehensive Threat Analysis

Threat Type

Banco Pichincha Phishing Landing Page

Target

Banco Pichincha users

Attack Method

Phishing webpage

Exfiltration Channel

Form submission (backend endpoint not detected - likely JavaScript-based)

Risk Assessment

LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Brand Impersonation Analysis

Impersonated Brand

Banco Pichincha

Official Website

N/A

Fake Service

Credential harvesting service

⚔️ Attack Methodology

Primary Method: Search Engine Manipulation

Fake Banco Pichincha site positioned to capture victims through SEO tactics, typosquatting, or paid advertising. Serves as entry point for multi-stage attacks including credential theft and malware distribution.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.