SafeMode - Analysis: evm.eventdrop.org

Visual Capture

Detection Info

http://evm.eventdrop.org

Detected Brand

Unknown

Country

Unknown

Confidence

95%

HTTP Status

200

Report ID

ee92f84d-cf8…

Analyzed

2026-06-30 17:25

Final URL (after redirects)

https://evm.eventdrop.org/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1B931312642601C2B63B2968E6FC1B2CD1EB5D101E7652A84B2E842990FC0EF4DCB715A
CONTENT ssdeep	24:hzv+ncG9D7UsV2+Yi33YmwLZnPH30oWMNt0kMch/2ILjHVNOZqZ0y1gr8vPa:5+cUD0oYm+ZvdDNAC2YEavC

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	cc993366cc9933c6
VISUAL aHash	0000001838000000
VISUAL dHash	0000003232240000
VISUAL wHash	ff3c181818003030
VISUAL colorHash	38000000e00
VISUAL cropResistant	0000003232240000

Code Analysis

Risk Score 59/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Banking

🔒 Obfuscation Detected

fromCharCode
unescape
js_packer

📡 API Calls Detected

POST

📊 Risk Score Breakdown

Total Risk Score

75/100

Contributing Factors

Active Phishing Kit

Detected kit types: Banking

Code Obfuscation

JavaScript code obfuscated using 486 technique(s) to evade detection

🔬 Comprehensive Threat Analysis

Threat Type

Banking Credential Harvester

Target

General public

Attack Method

obfuscated JavaScript

Exfiltration Channel

Unknown

Risk Assessment

MEDIUM - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

Kit types: Banking
486 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand

Generic Phishing

Official Website

N/A

Fake Service

Banking/payment service

⚔️ Attack Methodology

Primary Method: Banking Credential Theft

Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 486 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain

evm.eventdrop.org

Registered

2026-06-29 16:44:51+00:00

Registrar

PDR Ltd. d/b/a PublicDomainRegistry.com

Status

Recently registered (1 days old)

Hosting Information

Provider

PDR Ltd. d/b/a PublicDomainRegistry.com

ASN

🤖 AI-Extracted Threat Intelligence

😰

"I Never Thought It Would Happen to Me"

That's what 2.3 million victims say every year. Don't wait to become a statistic.