Phishing Analysis
Detailed analysis of captured phishing page
73
Risk Score
High Risk
Threat Level: BAJO
• Impersonating: WeTransfer
- • Threat: Potential malware download from shared files
- • Target: WeTransfer users
- • Method: Malicious .xls and .pdf files are offered for download
- • Exfil: N/A (download of files)
- • Indicators: .xls and .pdf file types, files names, potential for embedded malware
- • Risk: LOW - User needs to download and open the files for the risk to materialize
⚠ Risk Factors
- Brand impersonation of WeTransfer on non-official domain
- Contains 1 form(s) with JavaScript submission
- Credential harvesting indicators detected
- Personal info theft indicators detected
Visual Capture
No screenshot available
Detection Info
https://lvgseguranca.com.br/wp-includes/z836763/3201/[email protected]
Detected Brand
WeTransfer
Country
Netherlands
Confidence
100%
HTTP Status
200
Report ID
58f35b04-d3a…
Analyzed
2025-12-31 15:08
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T179724C5A9E2C5C1D830926A7E3DE09CC613DD397DB5901C494FAE8C888D7A64DCCAC9D |
|
CONTENT
ssdeep
|
192:SLwJ7tvTKuuvhAZ44vW398QNJdJdrUWi5cPQ1+LKNon/KNwJORY1xVVCsQufEUo9:Sc/TKusK49SQnp7i5cNLKeARYvWc0 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e0e00f0fea8f0fe8 |
|
VISUAL
aHash
|
01c0f8f0e0000000 |
|
VISUAL
dHash
|
6b90929096788000 |
|
VISUAL
wHash
|
c1e0f8fef0000000 |
|
VISUAL
colorHash
|
00000000e00 |
|
VISUAL
cropResistant
|
0d16652716780c8e,6b90929096788000 |
Code Analysis
Risk Score
73/100
Threat Level
BAJO
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Potential malware download from shared files
• Target: WeTransfer users
• Method: Malicious .xls and .pdf files are offered for download
• Exfil: N/A (download of files)
• Indicators: .xls and .pdf file types, files names, potential for embedded malware
• Risk: LOW - User needs to download and open the files for the risk to materialize
🔒 Obfuscation Detected
- atob
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
WeTransfer
https://lvgseguranca.com.br/wp-content/we/83773922.html
Jan 07, 2026
No screenshot
WeTransfer
https://lvgseguranca.com.br/wp-includes/z836763/1983/9488787...
Jan 06, 2026
No screenshot
WeTransfer
https://lvgseguranca.com.br/wp-includes/z836763/1983/9488787...
Jan 02, 2026
WeTransfer
http://www.guape.com.br/wp-portal/2938672.html
Jan 02, 2026
WeTransfer
http://www.guape.com.br/wp-portal/2938672.html
Jan 02, 2026
Scan History for lvgseguranca.com.br
Found 10 other scans for this domain
-
https://lvgseguranca.com.br/wp-includes/5678fsghaj...
https://lvgseguranca.com.br/wp-content/we/83773922...
https://lvgseguranca.com.br/wp-includes/z836763/19...
https://lvgseguranca.com.br/wp-includes/z836763/19...
http://lvgseguranca.com.br/wp-content/we/83773922....
https://lvgseguranca.com.br/wp-content/we/83773922...
https://lvgseguranca.com.br/wp-includes/z836763/19...
https://lvgseguranca.com.br/wp-includes/z836763/32...
http://lvgseguranca.com.br/wp-content/we/83773922....
https://www.lvgseguranca.com.br/wp-icons/we/276373...