EN ES PT
Back to Stats

Visual Capture

Screenshot of rapidofincoura-software.com

Detection Info

https://rapidofincoura-software.com/
Detected Brand
Rapido Fincoura
Country
International
Confidence
100%
HTTP Status
200
Report ID
b4ee89a0-342…
Analyzed
2026-02-24 11:38

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1F7F2F17360405A7F02DB86C777717B1EF2DAD64ACAA62A55A3E8831D07C3DD0CD32A52
CONTENT ssdeep
384:ySXJSV9stF+rJx7qZLdS1Uv8ClWWlPQW48KEqSiQa8FcxuW2Yty3HT6WI3E:ySZSW+rGv+O8ClWWlI8Kj8Ggw33E

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
80227fc9cbd590b7
VISUAL aHash
0101077f3f5fffff
VISUAL dHash
c3c7ccd4f3b30e59
VISUAL wHash
0101073f191ff9fd
VISUAL colorHash
07000e00000
VISUAL cropResistant
c3c7ccd4f3b30e59,fffffffffbbb7bf8,0011051d35333a5a

Code Analysis

Risk Score 71/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Users interested in crypto/market education
• Method: Information harvesting via a signup form.
• Exfil: Not yet determined, likely database or email address
• Indicators: Unrelated domain, form requesting sensitive info
• Risk: HIGH

🔒 Obfuscation Detected

  • fromCharCode
  • unicode_escape

📊 Risk Score Breakdown

Total Risk Score
90/100

Contributing Factors

Suspicious Domain
The domain name 'rapidofincoura-software.com' appears unrelated to security or market education, raising suspicion.
Forms and Data Harvesting
The site uses forms to collect PII (Personally Identifiable Information), which is a characteristic of phishing attacks
Domain Age
Domain age of 77 days is recent which is typical of phishing campaigns

🔬 Comprehensive Threat Analysis

Threat Type
Credential Harvesting Kit
Target
Rapido Fincoura users (International)
Attack Method
credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, Personal Info
  • 12 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
Rapido Fincoura
Fake Service
Market Education/Security

Fraudulent Claims

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The site collects user data through a form, likely to be used in future phishing attacks or for sale on the dark web. The claim of enhanced security is used to increase the likelihood of data submission.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
rapidofincoura-software.com
Registered
2023-10-12T09:05:02Z
Registrar
Namecheap
Status
Active

🤖 AI-Extracted Threat Intelligence

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.