Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16B331763A381B57702E391D662A6779FB3E0C019CF62071461FF83AC67D6C15DF2226A |
|
CONTENT
ssdeep
|
768:BiqIIJN1U42sgrToAOpQUbTt6BGL7qKb8lVcPbF2v6Eiy6Rx73X7HXdFI:ZIIJN1U4srToZTtJLdyUFBy6Rx7HLdFI |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8cd7267c23cc8c73 |
|
VISUAL
aHash
|
003c3c3c3c181800 |
|
VISUAL
dHash
|
70f0f0f0e8b2f02f |
|
VISUAL
wHash
|
3e7e7e3e3c3c1800 |
|
VISUAL
colorHash
|
38000038000 |
|
VISUAL
cropResistant
|
000000d6c2000000,70f0f0f0e8b2f02f |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain