Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12CB34D67338C293B43A32DE0917F22467F7B5B8631271101D60897523DEAD99E8F5ACE |
|
CONTENT
ssdeep
|
1536:f1eQsoSDmtg+ezmGf1Ei9IUIyF8+4y5N4GeRr/NZ/jKMJS4rihwqC3GvwGRiZFvo:kQqwYmps3sdAF |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
947a73946b87e0b4 |
|
VISUAL
aHash
|
0400003cff7f7e00 |
|
VISUAL
dHash
|
4c3cccc8b2b4ecd8 |
|
VISUAL
wHash
|
2e00003fff7f7e08 |
|
VISUAL
colorHash
|
02402000001 |
|
VISUAL
cropResistant
|
f975767273da9c9c,890d1161c0eae3b1,4c3cccc8b2b4ecd8 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 81 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain