SafeMode - Analysis: metamaskwallett.blogspot.com

Captura Visual

Screenshot of metamaskwallett.blogspot.com

Informações de Detecção

https://metamaskwallett.blogspot.com

Detected Brand

MetaMask

Country

International

Confiança

100%

HTTP Status

200

Report ID

9a26e28c-c0e…

Analyzed

2026-02-17 10:28

Final URL (after redirects)

https://metamaskwallett.blogspot.com/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T126627472A214AA3B222387D9B372E79AFB418685C9C6018BD1F5D35C1FE2CB1EC25315
CONTENT ssdeep	192:GUpnFbOrR1wtrAq9D5H0i1uH0pW5cTBrVOdl:tFCrOrAq9D5H0i1E0pQIBBml

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	de5e6961615e1e84
VISUAL aHash	80809c9cffffffff
VISUAL dHash	3b3434300b202024
VISUAL wHash	80001c9cfff3f0f0
VISUAL colorHash	070020001c0
VISUAL cropResistant	3b3434300b202024

Análise de Código

Risk Score 74/100

Nível de Ameaça MEDIO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Falsificação de identidade
• Alvo: Usuários do MetaMask
• Método: Conteúdo hospedado em blog para enganar usuários.
• Exfil: Potencialmente através de formulários ou links no conteúdo do blog.
• Indicadores: domínio Blogspot, nome da marca na URL, conteúdo relacionado à marca.
• Risco: Moderado

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

eval
hex_escape
unicode_escape

🎯 Kit Endpoints

https://www.blogger.com/share-post.g?blogID=6971215343493624068&postID=1220504188288589266&target=twitter
https://metamaskwallett.blogspot.com/feeds/posts/default?alt=rss
https://www.blogger.com/share-post.g?blogID=6971215343493624068&postID=1220504188288589266&target=facebook
https://www.blogger.com/share-post.g?blogID=6971215343493624068&postID=1220504188288589266&target=
https://metamaskwallett.blogspot.com/2023/02/
https://metamaskwallett.blogspot.com/
https://www.blogger.com/profile/16320060048353794998
https://www.blogger.com/share-post.g?blogID=6971215343493624068&postID=1220504188288589266&target=email
https://www.blogger.com/share-post.g?blogID=6971215343493624068&postID=1220504188288589266&target=pinterest
/responsive/sprite_v1_6.css.svg#ic_post_blogger_black_24dp
https://metamaskwallett.blogspot.com/feeds/posts/default
https://metamaskwallett.blogspot.com/search
https://www.blogger.com
https://www.blogger.com/go/report-abuse
https://metamaskwallett.blogspot.com/2023/02/hardware-vs-software-wallet-metamask.html#comments
https://www.blogger.com/feeds/6971215343493624068/posts/default
https://metamaskwallett.blogspot.com/2023/02/hardware-vs-software-wallet-metamask.html

📡 API Calls Detected

post
GET

📤 Form Action Targets

https://metamaskwallett.blogspot.com/search

📊 Detalhamento da Pontuação de Risco

Total Risk Score

65/100

Contributing Factors

Domain uses brand name

The domain includes 'metamask' in its name, attempting to impersonate the brand.

Free hosting

Blogspot hosting is common for phishing.

Obfuscation Detected

Obfuscated code can hide malicious Javascript.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Credential Harvesting Kit

Alvo

MetaMask users (International)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltração

HTTP POST to backend

Avaliação de Risco

HIGH - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

Kit types: Credential Harvester, Personal Info
36 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

MetaMask

Official Website

metamask.io

Fake Service

MetaMask wallet information.

⚔️ Metodologia de Ataque

Primary Method: Impersonation

The attacker creates a fake blog on Blogspot to mimic MetaMask, likely to steal credentials or other sensitive information, or to link out to other malicious sites.