Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Información de Detección
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T11532A7A099886A76B31783F8F2729F5EB1848107CB0BB614F3D0439A57CBC75CD592C6 |
|
CONTENT
ssdeep
|
192:tIzrfrmh/rUct54FGvtRYKdhv9yRYQSBw7IvEwMGNdDNdBNdPNdrNdzNd0j:tQrfixrVt5YGvtrbvYKQSBw7IvtMGNdy |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc993366cc9999c6 |
|
VISUAL
aHash
|
0000181818180000 |
|
VISUAL
dHash
|
100c323232320801 |
|
VISUAL
wHash
|
c100181838380083 |
|
VISUAL
colorHash
|
38030200040 |
|
VISUAL
cropResistant
|
100c323232320801 |
Análisis de Código
🔒 Obfuscation Detected
- atob
- fromCharCode
- unescape
- base64_strings
📡 API Calls Detected
- POST
📊 Desglose de Puntuación de Riesgo
Contributing Factors
🔬 Análisis Integral de Amenazas
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
- 31 obfuscation techniques
🏢 Análisis de Suplantación de Marca
⚔️ Metodología de Ataque
Primary Method: Credential Harvesting
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Secondary Method: JavaScript Obfuscation
Malicious code is obfuscated using 31 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
🌐 Indicadores de Compromiso de Infraestructura
Domain Information
Hosting Information
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for pump-swap.pages.dev
Found 1 other scan for this domain
