SafeMode - Analysis: s.yam.com

EN ES PT

Back to Stats

Captura Visual

Screenshot of s.yam.com

Informações de Detecção

https://s.yam.com/YkEGu

Detected Brand

Yam (蕃薯藤)

Country

Unknown

Confiança

100%

HTTP Status

200

Report ID

87a8e3b8-ef5…

Analyzed

2026-04-10 09:45

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1D561D7B3E88446767F53C1B0DAD5480C9602DECDD6A312D2C9D4036E56A4EB7DC5B16C
CONTENT ssdeep	48:TY5bAVVd6jPJYoD/k6jPBrRV9FP1A2AFP5fJtWtFPMBiw9tKBTtw9t7Bsw9tKB7v:T909TBn9YLfqttw7qtw7qw79qVB

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9998666766669999
VISUAL aHash	0018181818180000
VISUAL dHash	00b2b2b030301000
VISUAL wHash	3c3c3c3c3c3c3c00
VISUAL colorHash	38000000c00
VISUAL cropResistant	cc8b4868684fcee0,00b2b2b030301000

Análise de Código

Risk Score 100/100

Nível de Ameaça ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 Banking 🎣 Personal Info

🔒 Obfuscation Detected

atob
fromCharCode
base64_strings

📡 API Calls Detected

POST
https://www.google.com/ccm/geo

📊 Detalhamento da Pontuação de Risco

Total Risk Score

100/100

Contributing Factors

Active Phishing Kit

Detected kit types: Credential Harvester, Banking, Personal Info

Credential Harvesting

Credential harvesting detected with 2 form(s) capturing sensitive data

Code Obfuscation

JavaScript code obfuscated using 44 technique(s) to evade detection

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Banking Credential Harvester

Alvo

Yam (蕃薯藤) users

Método de Ataque

credential harvesting forms + obfuscated JavaScript

Canal de Exfiltração

Form submission (backend endpoint not detected - likely JavaScript-based)

Avaliação de Risco

CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester, Banking, Personal Info
44 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

Yam (蕃薯藤)

Official Website

N/A

Fake Service

Banking/payment service

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 44 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio

s.yam.com

Registered

1996-02-14 05:00:00+00:00

Registrar

Network Solutions, LLC

Estado

Active (older domain)

Hosting Information

Provider

Network Solutions, LLC

ASN

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

https://s.yam.com/UDc8r

Screenshot

Yam Share (likely)

https://s.yam.com/jQLTw

Screenshot

https://s.yam.com/C7C0J

Scan History for s.yam.com

Found 10 other scans for this domain

https://s.yam.com/UDc8r Yam Share Mar 02, 2026 06:38

https://s.yam.com/jQLTw Yam Share (likely) Mar 02, 2026 06:38

https://s.yam.com/C7C0J yam Share Mar 02, 2026 06:38

https://s.yam.com/34A5c ? Mar 02, 2026 06:37

https://s.yam.com/mkvZg yamShare (Taiwanese Video Sharing Platform) Fev 09, 2026 01:57

https://s.yam.com/ZSO1S Yam Jan 27, 2026 23:58

https://s.yam.com/mkvZg! Yam.com Jan 09, 2026 22:32

https://s.yam.com/bBvSh YamShare Jan 09, 2026 17:09

https://s.yam.com/r0mmv YamShare Jan 09, 2026 10:43

https://s.yam.com/11H1O Unknown Jan 09, 2026 09:40

😰

"Nunca pensei que aconteceria comigo"

Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.