EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats
100 Risk Score

High Risk

Threat Level: ALTO • Impersonating: MetaMask

⚠ Fatores de Risco

  • Falsificação da marca MetaMask em domínio não oficial
  • Ofuscação JavaScript detectada (5 padrões)
  • Indicadores de roubo de credenciais detectados
  • Indicadores de roubo de otp/2fa detectados
  • Conexão WebSocket para comunicação C2 em tempo real

Visual Capture

Screenshot of xerofex.com

Detection Info

https://xerofex.com
Detected Brand
MetaMask
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
56550711-5ac…
Analyzed
2026-01-10 16:36
Final URL (after redirects)
https://xerofex.com/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1BBE229B4A230D335B1C247E8DA642528765FE1DCD7C695B4E388AF51B0D6CECD5260CB
CONTENT ssdeep
384:4r/vJcueTERhiXkdvNTDhPhLxeAxeDWNW1Tp34PxeeJEmuW3AsUrARWcMd:4r/vJcurhhPhleMeDGCSPxeeWmHCaW

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
c3e33e3c680b784e
VISUAL aHash
00666a60f81e3630
VISUAL dHash
5cdcdacbb33c6c69
VISUAL wHash
80666f68f89e3f60
VISUAL colorHash
300010000d8
VISUAL cropResistant
f8cbeece8c891924,5cdcdacbb33c6c69

Code Analysis

Risk Score 100/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info
WebSocket C2

🔒 Obfuscation Detected

  • atob
  • eval
  • fromCharCode
  • unescape
  • base64_strings

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Unknown
http://kilowex.com
Jan 06, 2026
 Screenshot
MetaMask
http://kezodex.com
Jan 06, 2026
 Screenshot
MetaMask
http://herowex.com
Jan 06, 2026
 Screenshot
MetaMask
http://hidewex.com
Jan 06, 2026
 Screenshot
Unknown
http://faolex.com
Jan 06, 2026