Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CCB2EE7013082BBE653BCFA6B250BB3C50BDF34ECD7B462AB1EE4B905789D44D902694 |
|
CONTENT
ssdeep
|
192:ZWEZuJD0nA/DA8ml4PDsHpvSPNcNfH4sAJrLHXgVvzXRuqLf1sZeorsHEcsiOlsS:MquJD0nA/DA8FKVS8vnaL3qMtl |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
91f16c2c4e969ee1 |
|
VISUAL
aHash
|
02626e6e401f3f00 |
|
VISUAL
dHash
|
ae9adcdcd2f6cef2 |
|
VISUAL
wHash
|
426e6e3e6a1f3f00 |
|
VISUAL
colorHash
|
32211000200 |
|
VISUAL
cropResistant
|
ae9adcdcd2f6cef2 |
Análise de Código
🔒 Obfuscation Detected
- atob
- fromCharCode
- unicode_escape
📡 API Calls Detected
- mailto:[email protected]
📊 Detalhamento da Pontuação de Risco
Contributing Factors
🔬 Análise Integral de Ameaças
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
- 10 obfuscation techniques
🏢 Análise de Falsificação de Marca
⚔️ Metodologia de Ataque
Primary Method: Credential Harvesting
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Secondary Method: JavaScript Obfuscation
Malicious code is obfuscated using 10 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
🌐 Indicadores de Compromisso de Infraestrutura
Domain Information
Hosting Information
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for exchange-d6g.pages.dev
Found 1 other scan for this domain
