Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1BC23D77262251837A17F93DAF059B71191E3E70ECA825BE1B1F863760AC9C75FC0781A |
|
CONTENT
ssdeep
|
384:6d+DXWZGZ12rcopZLJprTiYWN4QgeGtAJzodu2iyGzvBRNGhg00lkl4kUiEK:6dWXWo6rjWr5GGMubyAvBRNGhudiEK |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b03234cdcdcd9393 |
|
VISUAL
aHash
|
c7c7c7dfffffdfdf |
|
VISUAL
dHash
|
9e0f8e1e323e3636 |
|
VISUAL
wHash
|
028383c3cfdfc3c3 |
|
VISUAL
colorHash
|
07200038000 |
|
VISUAL
cropResistant
|
9e0f8e1e323e3636,70f2a04529a6c4f9,d6c4cc5301cea6d0 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 237 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 5 other scans for this domain