Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T103E1957055506C4AB273A294B8B2974F321BC20EDB0A0DB963F9A7D1D7CFAD544326A3 |
|
CONTENT
ssdeep
|
96:BzNXdd1DAgFkuQc5DmeODuHqRkIpuLHgGQkIyuL1uGGkIS26tR6Bn/XddR:tDAgWEP7KRmLHgGQ5L1uGGWc5 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b81cc7733cce5930 |
|
VISUAL
aHash
|
ffdfdb8383cff7ff |
|
VISUAL
dHash
|
e394b6363696c492 |
|
VISUAL
wHash
|
ff4711010303777f |
|
VISUAL
colorHash
|
07001000180 |
|
VISUAL
cropResistant
|
e394b6363696c492,278f1e1ec7612583 |
• Threat: Access Restriction Phishing
• Target: Kaiyun Sports users, especially those interested in football clubs
• Method: Impersonating Kaiyun Sports with a fake access restriction page and logos of famous football clubs
• Exfil: Unknown, but likely attempting to collect user information or redirect to malicious sites upon clicking the button.
• Indicators: Domain mismatch, brand impersonation, use of football club logos, access restriction message, suspicious email address ([email protected])
• Risk: HIGH - Potential data theft or redirection to malicious websites
Pages with identical visual appearance (based on perceptual hash)