Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T188044E23D2F3161A262F7E60D061B709A193F70F9AF12BD49471827517E79AD32B39C8 |
|
CONTENT
ssdeep
|
1536:lXjKO+BqfDOJ2QRTX18WSUw2pMUGuqTH6CHmIV0d3YF9stcX5:Jej14hk8Z |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c49bcc3e6b8e198 |
|
VISUAL
aHash
|
ff0000000000ffff |
|
VISUAL
dHash
|
27b23210d4c43a26 |
|
VISUAL
wHash
|
ff180000243cffff |
|
VISUAL
colorHash
|
02000000e00 |
|
VISUAL
cropResistant
|
0002006363880000,4424e4263644e4e7,10003038006c362e,2032323032d4d4e8 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 15 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain