Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T132E2623157182CFE746BEBCCE188FB67A248E902DB0A47C4FE95C115989CDE9CC7254A |
|
CONTENT
ssdeep
|
768:/JATBMPLW2FCvSU415EjZBIRe6qOtOi+ZEYbfMfYYSiO1hh5O:hATBMPLW2FCqU415EjZBIRe6qOtOi4Z4 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
de030473f78139ce |
|
VISUAL
aHash
|
008098fcfcc0d098 |
|
VISUAL
dHash
|
9a31313119113135 |
|
VISUAL
wHash
|
0090fcfcfcc8d8bc |
|
VISUAL
colorHash
|
301c0001000 |
|
VISUAL
cropResistant
|
8280212535058080,8280130b2b258080,e0e0e0e0e0e0e0e0,9a31313119113135 |
Fake OKX page designed to appear in search results and trick users into visiting. May redirect to credential harvesting pages, malware downloads, or serve as a trust-building step before requesting sensitive information.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.