SafeMode - Analysis: irostech.com

Visual Capture

Detection Info

https://irostech.com/wp-content/secur/serafi/page/index.php

Detected Brand

Serafe

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

e4bf5c92-89a…

Analyzed

2026-05-24 20:41

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1AA2154F560D17632087192A1BB0F8B71AFD5428ED5441B0856DCC6994DEFD1FCD55043
CONTENT ssdeep	24:hR/C5ezNKP9y4f/urRt+zEeDgdjPqma5cTA:ToVy0/uizEekdjim2cc

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	f7774d1d16432918
VISUAL aHash	00e7ffe7ffffffff
VISUAL dHash	6b160e0c36160600
VISUAL wHash	0000c3e7c3c3e7ff
VISUAL colorHash	06000000e00
VISUAL cropResistant	06164d0e32160000,030b048040400000

Code Analysis

Threat Level ALTO

⚠️ Phishing Confirmed

📊 Risk Score Breakdown

Total Risk Score

40/100

🔬 Comprehensive Threat Analysis

Threat Type

Serafe Phishing Landing Page

Target

Serafe users

Attack Method

Phishing webpage

Exfiltration Channel

Form submission (backend endpoint not detected - likely JavaScript-based)

Risk Assessment

LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Brand Impersonation Analysis

Impersonated Brand

Serafe

Official Website

N/A

Fake Service

Token swap/DEX platform

⚔️ Attack Methodology

Primary Method: Malicious Landing Page

Uses Serafe branding to appear legitimate in search results, social media, or advertising networks. Designed to redirect victims to phishing pages or distribute malware while maintaining appearance of authenticity.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.