EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of kucoinx-login.webflow.io

Información de Detección

http://kucoinx-login.webflow.io/
Detected Brand
KuCoin
Country
Unknown
Confianza
100%
HTTP Status
200
Report ID
9ef85554-135…
Analyzed
2026-01-25 18:18
Final URL (after redirects)
https://kucoinx-login.webflow.io/

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T14CB1FB23A35C33370B81817A77A50389D6DF601D7391478C21B421FD27EDE684A726F6
CONTENT ssdeep
96:hrAjBPy47k/oV+5VqtV6ViVY7Aj+B/112PmMWrFGRkHDJW2MZC5pKcegE:FAjBPpggVoVqtV6ViV8AjW1s2URW6EpW

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
be8dc1993ec1c127
VISUAL aHash
ff9fff8383ffe7e7
VISUAL dHash
3377462e2f820e8e
VISUAL wHash
1b03338383ffc3c3
VISUAL colorHash
07001000600
VISUAL cropResistant
3377462e2f820e8e,83989caeae989c6c,039bd89c8c985661,ada7868e9a998b16,829c8c8c8c3cdc5b

Análisis de Código

Risk Score 73/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Personal Info

🔒 Obfuscation Detected

  • fromCharCode

📊 Desglose de Puntuación de Riesgo

Total Risk Score
100/100

Contributing Factors

Active Phishing Kit
Detected Credential Harvester and OTP Stealer kits with real-time form interception capabilities.
Brand Impersonation
Domain impersonates KuCoin, a high-value cryptocurrency exchange target.
Obfuscation Techniques
Four distinct obfuscation techniques detected in JavaScript files, indicating evasion of static analysis.
Malicious JavaScript
Single obfuscated JavaScript file (webflow.24a563ff7.js) with potential credential harvesting logic.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Credential Theft (Fake KuCoin Login)
Objetivo
KuCoin traders (International)
Canal de Exfiltración
Backend API (Form Submission)

🏢 Análisis de Suplantación de Marca

Impersonated Brand
KuCoin
Official Website
https://www.kucoin.com
Fake Service
KuCoin account login portal

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The phishing kit captures user credentials (username, password) via fake login forms mimicking KuCoin's authentication portal. Submitted data is likely exfiltrated to an attacker-controlled server in real-time.

Secondary Method: OTP Stealer

The kit includes functionality to intercept one-time passwords (OTPs) or 2FA codes, enabling attackers to bypass multi-factor authentication and gain unauthorized access to victim accounts.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
kucoinx-login.webflow.io
Registered
Unknown
Registrar
Unknown
Estado
Active (age unknown)

🦠 Malicious Files

Main File
File Size

Obfuscated JavaScript file containing credential harvesting and OTP interception logic.

🔬 JavaScript Deep Analysis

Sophistication Level
Basic
Total Code Size
36,5 KB

🔗 API Endpoints Detected

Other
7
Backend API
1

🔐 Obfuscation Detected

  • : Light

🤖 AI-Extracted Threat Intelligence

🎯 Malicious Files Identified

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
KuCoin
https://kucoenlogini.webflow.io/
May 23, 2026
 Screenshot
KuCoin
https://kucoinx-login.webflow.io/
Ene 30, 2026
 Screenshot
KuCoin
http://kucoinx-login.webflow.io/
Ene 30, 2026

Scan History for kucoinx-login.webflow.io

Found 2 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.