EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of copyratio.com

Información de Detección

https://copyratio.com/
Detected Brand
Copyratio
Country
International
Confianza
100%
HTTP Status
200
Report ID
1f078c96-4f8…
Analyzed
2026-06-27 23:23

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1CEF21F309011653742A3D2C86B39271BB3D3920DCFA74A0667F883ACAFD7C55DD26E66
CONTENT ssdeep
768:VYmOl9k97jAs6yAs6HdrV7bodZZhshhmAC:1rIXtXHdrV7borZhshhJC

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
eca517ca119b6ca5
VISUAL aHash
fffff1d1f1f0fd00
VISUAL dHash
f04623333165619e
VISUAL wHash
fef39191f1b0bc00
VISUAL colorHash
07610000000
VISUAL cropResistant
b0c4273333256178,ca9921273434a5a6,38182d8f9c2f9f94,1961d1a786d9cc41,0000000000000000

Análisis de Código

Risk Score 76/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing Financiero
• Objetivo: Usuarios buscando plataformas de trading
• Método: Suplantación con exfiltración de datos ofuscada
• Exfil: Controlador de formularios JS
• Indicadores: Discrepancia de dominio, ofuscación
• Riesgo: Alto

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • eval
  • fromCharCode

🎯 Kit Endpoints

  • //app.copyratio.com/login

📡 API Calls Detected

  • <div><h1>Hi!</h1></div>

📤 Form Action Targets

  • contact.html

📊 Desglose de Puntuación de Riesgo

Total Risk Score
85/100

Contributing Factors

Obfuscated Code
Presence of eval and fromCharCode is highly suspicious
Identity Mismatch
Domain/Email mismatch indicates lack of authenticity

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
Copyratio users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
HTTP POST to backend
Evaluación de Riesgo
HIGH - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Card Stealer, Personal Info
  • 6 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Copyratio
Official Website
unknown
Fake Service
Copytrading Platform

Fraudulent Claims

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

Uses a professional-looking landing page to trick users into signing up for a fake trading service, likely to collect PII and financial data.

Secondary Method: Data Exfiltration

Uses obfuscated scripts to transmit user input to an external, likely malicious endpoint.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
copyratio.com
Registered
2026-01-27
Registrar
unknown
Estado
active

🤖 AI-Extracted Threat Intelligence

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.