CredScore verdict
0xe6ec…c961eth-mainnetScore
11
0 = max risk · 100 = clean
High riskEscalateConfidence:86%
Escalate for deeper review
CredScore sees a 5.2-year-old wallet with 309 transfers. Sanctions-sensitive exposure context and High-confidence sanctions attribution are severe enough to require escalation before any further interaction.
Wallet snapshot
Wallet age
5.2 years
Transfers observed
309
Native balance
0.0001 ETH
Last activity
1.2 years ago
Counterparties
103
Primary risk drivers
Sanctions-sensitive exposure context
Sanctioned counterparty interactions observed: 1 · Observed labels: USDT Token, tether, uniswap
Sanctions-sensitive attribution materially increases review urgency because legal and compliance context becomes critical.
High-confidence sanctions attribution
Sanctioned counterparty interactions observed: 1
Sanctions-sensitive attribution materially increases review urgency because legal and compliance context becomes critical.
DEX-routed pass-through pattern
Single inbound source supplied 57% of inbound value · DEX + aggregator routing share: 28% of activity · Flow directionality: heavily one-sided (balance score 0.00)
A dominant share of the wallet's inbound value came from a single source, was routed through DEX or aggregator swap activity, and was drained from the wallet rather than retained. This is the laundering fingerprint observed on documented social-engineering theft cases: a large victim transfer arrives, gets fragmented into many DEX swaps to convert and obscure the asset trail, and the wallet is emptied. It is also consistent with one-shot legitimate behavior (an ICO recipient or grant payee cashing out via DEX), so it warrants review until the funding-source provenance is established.
Sanctioned counterparty interactions
Lazarus Group (DPRK)
0x098b716b8aaf21512996dc57eb0615e2383e2f96 ↗OFAC_SDN · Axie Infinity Ronin Bridge hack proceeds
Observed entity context
Labels
USDT TokentetheruniswapUniswap Universal Router
Protocols
Uniswap V2 RoutertetheruniswapWrapped Ether (WETH)USDT contract
Offsetting factors
Established history
Wallet age: 5.2y (observed)
Observable activity present
Transfers observed: 309
Material protocol interaction context
DEX-related interaction share: 27%
Analyst briefing
Executive Risk Verdict
This address presents elevated counterparty risk. Sanctions-sensitive exposure context and High-confidence sanctions attribution compose adverse signal severe enough to justify escalation under current coverage.
Decision Posture
Escalate for deeper review. A specific high-risk signal combination was detected (sanctions self). This pattern is materially more concerning than any individual flag in isolation and requires human context to resolve correctly.
Primary Risk Drivers
Sanctions-sensitive exposure context Sanctioned counterparty interactions observed: 1 Observed labels: USDT Token, tether, uniswap Sanctions-sensitive attribution materially increases review urgency because legal and compliance context becomes critical.
High-confidence sanctions attribution
Sanctioned counterparty interactions observed: 1
Sanctions-sensitive attribution materially increases review urgency because legal and compliance context becomes critical.
DEX-routed pass-through pattern
Single inbound source supplied 57% of inbound value
DEX + aggregator routing share: 28% of activity
Flow directionality: heavily one-sided (balance score 0.00)
A dominant share of the wallet's inbound value came from a single source, was routed through DEX or aggregator swap activity, and was drained from the wallet rather than retained. This is the laundering fingerprint observed on documented social-engineering theft cases: a large victim transfer arrives, gets fragmented into many DEX swaps to convert and obscure the asset trail, and the wallet is emptied. It is also consistent with one-shot legitimate behavior (an ICO recipient or grant payee cashing out via DEX), so it warrants review until the funding-source provenance is established.
Offsetting Factors
Established history Wallet age: 5.2y (observed)
Observable activity present
Transfers observed: 309
Material protocol interaction context
DEX-related interaction share: 27%
Structural Pattern Observations
Fan-out distribution (high confidence) The observed flow pattern is consistent with fan-out distribution behavior and also carries additional review pressure from thin visibility, limited history, or sensitive exposure. This is not a misconduct finding, but it is not a routine pattern under current coverage.
Behavior Distribution
DEX-related interactions: 27% of observed activity. Router / aggregator interactions: 1% of observed activity. Attributed interactions: 100% of observed activity, but only 4% resolved with high confidence, the remainder are unlabeled contract interactions, which is opacity rather than meaningful attribution coverage. High-confidence attributed interactions: 4% of observed activity.
Observed Entity / Protocol Context
USDT Token tether uniswap Uniswap Universal Router
Observed Protocol Attribution
Uniswap V2 Router tether uniswap Wrapped Ether (WETH) USDT contract
Confidence Statement
Overall assessment confidence is high (86%), reflecting stronger sample depth, better coverage, and more stable observable behavior.
Sensitivity notes
Fresh activity could change this classification because the current signal is not recent.
Off-chain context would be particularly valuable here, the detected structural patterns raise interpretive ambiguity that on-chain data alone cannot resolve.
For analysts
Generate a Defensible Verdict Report — engine version + timestamp baked in, exportable as PDF or copy-pasted as Markdown into a SAR narrative or case file.
Run your own wallet through CredScore
Deterministic Ethereum wallet risk scoring with a full audit trail. Every signal has an explicit numeric weight, output is reproducible. Paste any wallet to see your own verdict.
First analysis is free, no credit card. Or see pricing.
Shared Jul 11, 2026