Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10F32F1B2110676330297C6D07B61E799F286C2CACE4B151297F3D34D8EEAE51FAD2606 |
|
CONTENT
ssdeep
|
96:QoABWH+2M6yzHTK1XMCWbr0TquPa8bvFm0IqDa8jg2Ri8x0I2Tfa8U6DnQTDndAM:Qn8a6yzzKCCwn4WqiQHdomiV5vYYc |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e916e618e51b857a |
|
VISUAL
aHash
|
18000018181881ff |
|
VISUAL
dHash
|
32300a1233f0130f |
|
VISUAL
wHash
|
3cbc08585858d9ff |
|
VISUAL
colorHash
|
00006000040 |
|
VISUAL
cropResistant
|
2f27652754a56c52,6a7868f878787a6a,452b1b97864e4dc0,32300a1232b2330f |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 3390 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain