SafeMode - Analysis: darkmatter-darknetmarket.shop

Visual Capture

Screenshot of darkmatter-darknetmarket.shop

Detection Info

https://darkmatter-darknetmarket.shop/

Detected Brand

Unknown

Country

Unknown

Confidence

95%

HTTP Status

200

Report ID

a6734d87-008…

Analyzed

2026-06-28 23:34

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T10D52A9723D41AD36A2CAD7B52571568A61A0C116ED3BABC5C4F1A3C48FE7E4CDDE0423
CONTENT ssdeep	192:/kc9PCblHRBOLZy3x7DZemNIkFLSO6C6oJbYN/ykyVtdMwj9wSn2S5wGO+zWKxzG:cc9PCZLBx7lfZkn1abISmv+zE

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9a65cdc8cd986d98
VISUAL aHash	180404043c3c3c3c
VISUAL dHash	324c4c4c71717920
VISUAL wHash	99ff24243c3c3c3c
VISUAL colorHash	07000000e00
VISUAL cropResistant	324c4c4c71717920

Code Analysis

Risk Score 50/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 OTP Stealer

📊 Risk Score Breakdown

Total Risk Score

75/100

Contributing Factors

Active Phishing Kit

Detected kit types: OTP Stealer

🔬 Comprehensive Threat Analysis

Threat Type

Two-Factor Authentication Stealer

Target

General public

Attack Method

Phishing webpage

Exfiltration Channel

Unknown

Risk Assessment

MEDIUM - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

Kit types: OTP Stealer

🏢 Brand Impersonation Analysis

Impersonated Brand

Generic Phishing

Official Website

N/A

Fake Service

Credential harvesting service

⚔️ Attack Methodology

Primary Method: Two-Factor Authentication Bypass

Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.