Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
https://2piwallet.com/
Detected Brand
2piwallet
Country
International
Confiança
95%
HTTP Status
200
Report ID
df46ada9-3c5…
Analyzed
2026-06-25 23:29
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T161A25570A188FA3341A7C2E7A63583AF76D0C785CB5B0B5143F9C32D5BD6EA5CD1128A |
|
CONTENT
ssdeep
|
384:NPIIrl3RAglrj0JZQHZwGzQP5MRG4U+jTLYUKsI8R7mfMwAXYrGVzpdam9KC65U/:pII5X5j2Ko9fMwAXhwiFOf6 |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9e9b312c2c939bcc |
|
VISUAL
aHash
|
01003cbc10180000 |
|
VISUAL
dHash
|
1b22697927717804 |
|
VISUAL
wHash
|
8f00fcff993d3c00 |
|
VISUAL
colorHash
|
38000038400 |
|
VISUAL
cropResistant
|
545f99e4a43b3b63,1b22697927717804 |
Análise de Código
Risk Score
56/100
Nível de Ameaça
ALTO
⚠️ Phishing Confirmed
🎣 Banking
🔬 Threat Analysis Report
• Ameaça: Phishing/Crypto-Drainer
• Alvo: Usuários de criptomoedas
• Método: Impersonação de carteira criptográfica
• Exfil: Interação maliciosa via JS ou malware
• Indicadores: Domínio recente, código ofuscado
• Risco: Alto
🔒 Obfuscation Detected
- fromCharCode
- unescape
📡 API Calls Detected
- POST
📊 Detalhamento da Pontuação de Risco
Total Risk Score
90/100
Contributing Factors
Domain Age
Domain is only 23 days old.
Obfuscated Code
Detected fromCharCode and unescape patterns.
🔬 Análise Integral de Ameaças
Tipo de Ameaça
Banking Credential Harvester
Alvo
2piwallet users (International)
Método de Ataque
Brand impersonation + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Banking
- 3 obfuscation techniques
🏢 Análise de Falsificação de Marca
Impersonated Brand
2piwallet
Fake Service
Crypto Wallet Service
Fraudulent Claims
⚔️ Metodologia de Ataque
Primary Method: Wallet Drainer
The site prompts users to download an app or sign transactions that likely contain malicious drainer code designed to empty cryptocurrency wallets.
Secondary Method: Credential Harvesting
Use of professional landing pages to establish fake trust to solicit sensitive security keys.
Target Blockchain
Ethereum/EVM/Bitcoin
🌐 Indicadores de Compromisso de Infraestrutura
Domain Information
Domínio
2piwallet.com
Registered
2026-06-02
Registrar
N/A
Estado
Active
🤖 AI-Extracted Threat Intelligence
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.