Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Información de Detección
https://2piwallet.com/
Detected Brand
2piwallet
Country
International
Confianza
95%
HTTP Status
200
Report ID
df46ada9-3c5…
Analyzed
2026-06-25 23:29
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T161A25570A188FA3341A7C2E7A63583AF76D0C785CB5B0B5143F9C32D5BD6EA5CD1128A |
|
CONTENT
ssdeep
|
384:NPIIrl3RAglrj0JZQHZwGzQP5MRG4U+jTLYUKsI8R7mfMwAXYrGVzpdam9KC65U/:pII5X5j2Ko9fMwAXhwiFOf6 |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9e9b312c2c939bcc |
|
VISUAL
aHash
|
01003cbc10180000 |
|
VISUAL
dHash
|
1b22697927717804 |
|
VISUAL
wHash
|
8f00fcff993d3c00 |
|
VISUAL
colorHash
|
38000038400 |
|
VISUAL
cropResistant
|
545f99e4a43b3b63,1b22697927717804 |
Análisis de Código
Risk Score
56/100
Nivel de Amenaza
ALTO
⚠️ Phishing Confirmed
🎣 Banking
🔬 Threat Analysis Report
• Amenaza: Phishing/Crypto-Drainer
• Objetivo: Usuarios de criptomonedas
• Método: Suplantación de servicio de billetera criptográfica
• Exfil: Interacción maliciosa o descarga de malware
• Indicadores: Dominio reciente, código ofuscado
• Riesgo: Alto
🔒 Obfuscation Detected
- fromCharCode
- unescape
📡 API Calls Detected
- POST
📊 Desglose de Puntuación de Riesgo
Total Risk Score
90/100
Contributing Factors
Domain Age
Domain is only 23 days old.
Obfuscated Code
Detected fromCharCode and unescape patterns.
🔬 Análisis Integral de Amenazas
Tipo de Amenaza
Banking Credential Harvester
Objetivo
2piwallet users (International)
Método de Ataque
Brand impersonation + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Banking
- 3 obfuscation techniques
🏢 Análisis de Suplantación de Marca
Impersonated Brand
2piwallet
Fake Service
Crypto Wallet Service
Fraudulent Claims
⚔️ Metodología de Ataque
Primary Method: Wallet Drainer
The site prompts users to download an app or sign transactions that likely contain malicious drainer code designed to empty cryptocurrency wallets.
Secondary Method: Credential Harvesting
Use of professional landing pages to establish fake trust to solicit sensitive security keys.
Target Blockchain
Ethereum/EVM/Bitcoin
🌐 Indicadores de Compromiso de Infraestructura
Domain Information
Dominio
2piwallet.com
Registered
2026-06-02
Registrar
N/A
Estado
Active
🤖 AI-Extracted Threat Intelligence
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.