SafeMode - Analysis: ludicando.com.br

Visual Capture

Detection Info

http://ludicando.com.br/wp-admin/img/www.ziggo.nl/login

Detected Brand

Instagram

Country

International

Confidence

100%

HTTP Status

200

Report ID

a4d6837b-666…

Analyzed

2026-03-17 01:10

Final URL (after redirects)

https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T15D934BB1E501883D1F2F8AF5E41A66BED2429C0FB9715CB0F5ADA3637683F644A17026
CONTENT ssdeep	1536:LsnFw9QXF/qh7KhaBCHwtL7ZfT0ZNqchnFoYEaqq6lySAZHEit2lXMVDgzGryqyM:LHPaqq6MSXajispDn3OqE+GnIWnIjiDe

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	b847c7383bc838c7
VISUAL aHash	ffdfcf8d8fcfffff
VISUAL dHash	983b11191939960e
VISUAL wHash	7f898888888dc3ff
VISUAL colorHash	07401008000
VISUAL cropResistant	983b11191939960e,2e672da53339590f

Code Analysis

Risk Score 100/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

WebSocket C2

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Instagram users
• Method: Credential harvesting
• Exfil: wss://edge-chat.instagram.com/chat
• Indicators: Domain mismatch, Form for credentials, Obfuscated JavaScript
• Risk: High

🔒 Obfuscation Detected

atob
eval
fromCharCode
unescape
hex_escape
unicode_escape
base64_strings

🎯 Kit Endpoints

https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=am-et
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=en
https://about.instagram.com/blog/
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=af
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=hr
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=fa
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=tl
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=pa
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ta
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ko
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=uk
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=zh-cn
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=si
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=el
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=es-la
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=pl
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=zh-hk
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=bn
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=es
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=pt-br
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=fi
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=te
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ur
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=fr
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=de
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=en-gb
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=da
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=gu
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ar
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=pt
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=sv
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=sr
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=hu
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=nl
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=tr
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=mr
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ml
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=bg
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=th
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=it
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=hi
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ru
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ms
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=nb
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=id
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ro
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=cs
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=kn
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=vi
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=sw-ke
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=he
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ha-ng
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=zh-tw
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=fr-ca
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=sk
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ne
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=ja
https://www.instagram.com/accounts/login/?next=https%3A%2F%2Fwww.instagram.com%2Fludicando.club&is_from_rle&hl=om-et

📡 API Calls Detected

about:blank
HEAD
GET
AsyncStorage

📊 Risk Score Breakdown

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain does not match the brand's official domain.

Impersonation

The site mimics the visual appearance of Instagram to deceive users.

Form for Credentials

The presence of a login form requesting sensitive information.

🔬 Comprehensive Threat Analysis

Threat Type

Banking Credential Harvester

Target

Instagram users (International)

Attack Method

Brand impersonation + credential harvesting forms + real-time WebSocket exfiltration + obfuscated JavaScript

Exfiltration Channel

WebSocket (1 endpoints)

Risk Assessment

CRITICAL - Automated credential harvesting with WebSocket (1 endpoints)

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
1192 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand

Instagram

Official Website

https://www.instagram.com/

Fake Service

Instagram Login

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The attacker is attempting to steal user credentials by mimicking the Instagram login page. Users are tricked into entering their login details on a fake website, which the attacker then collects.