EN ES PT
Back to Stats

Visual Capture

Screenshot of mmm-office.org

Detection Info

http://mmm-office.org/#
Detected Brand
Unknown
Country
International
Confidence
90%
HTTP Status
200
Report ID
46f5ef1c-e27…
Analyzed
2026-03-17 02:05
Final URL (after redirects)
https://mmm-office.org/user/redirect

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1151175321042F8130651E1CDE19577EDF6E38105CA6B0A96B3EB97AC4CE6C0ACC7610E
CONTENT ssdeep
12:hRyLczjy7F8LuDZsaxON+ibjp0h2LHFt0yQd5U/T6qDT4/owc+Wd8LMUAd6M:hRyLcPCcuD7xw3pLXQvU/XTkoz9d8fxM

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
93336cccb3338ccc
VISUAL aHash
0000002418180000
VISUAL dHash
0000002832100000
VISUAL wHash
f0f0e0e0f8e0f0f0
VISUAL colorHash
07008038200
VISUAL cropResistant
0000002832100000

Code Analysis

Risk Score 56/100
Threat Level MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Unknown
• Method: Redirect
• Exfil: Unknown
• Indicators: Generic 'secure connection' screen, suspicious logo, countdown.
• Risk: Medium

🔒 Obfuscation Detected

  • fromCharCode
  • unescape

📡 API Calls Detected

  • POST

📊 Risk Score Breakdown

Total Risk Score
65/100

Contributing Factors

Suspicious Logo
The logo is not recognizable and does not match any known brand.
Countdown Redirect
A countdown timer is often used to create a sense of urgency, which can be a phishing tactic.
Domain Age
Relatively new domain increases risk.
Obfuscation
Obfuscated code is a common attempt to hide malicious code

🔬 Comprehensive Threat Analysis

Threat Type
Credential Harvesting Kit
Target
General public
Attack Method
credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 4 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
Unknown

⚔️ Attack Methodology

Primary Method: Redirect Phishing

The site uses a countdown timer to automatically redirect the user. This is often used to send the user to a more elaborate phishing page.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
mmm-office.org
Registered
Unknown
Registrar
Unknown
Status
Active

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.