SafeMode - Analysis: aurixwin.com

EN ES PT

Back to Stats

Captura Visual

No screenshot available

Información de Detección

https://aurixwin.com/

Detected Brand

Unknown

Country

International

Confianza

100%

HTTP Status

200

Report ID

a6b7ef06-aaf…

Analyzed

2026-02-28 02:46

Final URL (after redirects)

https://aurixwin.com/auth

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T164A34C643558F5761AF343A310EF5103B339612B980E4C60B355ECAE72ACC9AA177FDA
CONTENT ssdeep	1536:91FCW1cJTagpUXUEvA0YxhMKSC4YVlpzFdn2skXgCa5aebDCa:F9K5T8A0kaKZ4UljzCqDV

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	c0c0383f373d3739
VISUAL aHash	7070707070700000
VISUAL dHash	a4a4e4c4c4c032d4
VISUAL wHash	707e7e7e70701862
VISUAL colorHash	39007000040
VISUAL cropResistant	8eae86a63148d898,a4a4e4c4c4c032d4,df998cc726370b49

Análisis de Código

Risk Score 85/100

Nivel de Amenaza ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing de creación de cuenta
• Objetivo: No especificado
• Método: Sitio web malicioso
• Exfil: Desconocido, probablemente robo de credenciales
• Indicadores: JavaScript ofuscado, formularios sospechosos, marca desconocida.
• Riesgo: Alto

🔒 Obfuscation Detected

atob
eval
fromCharCode
unescape
unicode_escape
base64_strings

📡 API Calls Detected

POST
/v1/sdk/start
/track
/track/device-id

📊 Desglose de Puntuación de Riesgo

Total Risk Score

90/100

Contributing Factors

Suspicious Domain

New domain, no known brand association.

Form Submission

Forms present and likely collecting credentials.

Obfuscated Javascript

Likely attempting to hide malicious behavior.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Banking Credential Harvester

Objetivo

General public

Método de Ataque

credential harvesting forms + obfuscated JavaScript

Canal de Exfiltración

Form submission (backend endpoint not detected - likely JavaScript-based)

Evaluación de Riesgo

CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
34 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

Unknown

Fake Service

Creating an account

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The site uses a form to collect email and password information, likely for account takeover or credential reuse.

Secondary Method: Javascript Obfuscation

The site uses obfuscated JavaScript, possibly to hide malicious activities like keylogging or data exfiltration.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio

aurixwin.com

Registered

2023-08-17

Registrar

Unknown

Estado

ACTIVE

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

https://cash-casino.net/

https://bitxroll.com/

https://bitxlucky.com/

https://betzyra.com/

Screenshot

Unknown (Gaming/Gambling)

https://beastjackpot.net/

😰

"Nunca pensé que me pasaría a mí"

Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.