Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EA43F9207300F3699C330F74F34935AAC1DED385E9A6782DB259926570D213AC79BDBA |
|
CONTENT
ssdeep
|
1536:Dm0gWX0wA3ins+cp0mdNtgWGtgWEfo3E4tqtgWGtgWhhJS/q8Z7U1c/jDpYJ7wFz:5gWWp0mztgWGtgW4tgWGtgWOZYJ7q |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b2328dc90f3626cf |
|
VISUAL
aHash
|
ffe7c3c3c7e7ffff |
|
VISUAL
dHash
|
531e8d8d1e160060 |
|
VISUAL
wHash
|
00c3c3c3c3c3cf9f |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
531e8d8d1e160060,328cccde5894dcc8,20010982a6829262 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 394 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain