EN ES PT
Back to Stats

Visual Capture

Screenshot of mmm-office.org

Detection Info

http://mmm-office.org
Detected Brand
MMM (Likely unrelated brand)
Country
International
Confidence
95%
HTTP Status
200
Report ID
2ce6e999-ce2…
Analyzed
2026-03-17 02:05
Final URL (after redirects)
https://mmm-office.org/user/redirect

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1FC1175321042F8130651E1CDE19577EDF6E38105CA6B0A9AB3E797AC4DE6C1ACC7610E
CONTENT ssdeep
12:hRyLczjy7F8LuDZsaxON+ibjp0h2LHFt0yQd5U/T6qDT4/owc+Wd8LeAd6M:hRyLcPCcuD7xw3pLXQvU/XTkoz9d8SxM

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
93336cccb3338ccc
VISUAL aHash
0000002418180000
VISUAL dHash
0000002832100000
VISUAL wHash
f0f0e0e0f8e0f0f0
VISUAL colorHash
07008038200
VISUAL cropResistant
0000002832100000

Code Analysis

Risk Score 56/100
Threat Level MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Unknown
• Method: Redirect to a malicious site.
• Exfil: Unknown
• Indicators: Unusual domain, generic page, redirect, obfuscation.
• Risk: Medium

🔒 Obfuscation Detected

  • fromCharCode
  • unescape

📡 API Calls Detected

  • POST

📊 Risk Score Breakdown

Total Risk Score
65/100

Contributing Factors

Domain mismatch
The domain does not match any known legitimate service, indicating it's likely not affiliated.
Obfuscation
Obfuscated code makes it hard to reverse engineer the code.
Domain Age
The domain is relatively new, which can be an indicator of malicious activity

🔬 Comprehensive Threat Analysis

Threat Type
Credential Harvesting Kit
Target
MMM (Likely unrelated brand) users (International)
Attack Method
credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 4 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
MMM (Likely unrelated)

⚔️ Attack Methodology

Primary Method: Redirect to phishing or malware site

The site uses a redirect, most likely to send visitors to a phishing or malware distribution campaign. The final destination is unknown from this analysis.

Secondary Method: Social engineering

The site might be using social engineering tactics to appear trustworthy.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
mmm-office.org
Registered
Unknown
Registrar
Unknown
Status
active

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.