Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13073A771D4A4C47706CEB7E0B6252B1F7693C75BC9820BA6E3F843081E85ED2ED13459 |
|
CONTENT
ssdeep
|
1536:b9MMgMk1dqAGFwpdLX3fl2gMk1dqAGd2SQoiYWM2y+sE9JY1KMVS2hs9hpMwjkj4:xMhXP |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e4130e1b5e716735 |
|
VISUAL
aHash
|
0003c3c3c3c3c3f3 |
|
VISUAL
dHash
|
49368e86968696a6 |
|
VISUAL
wHash
|
00e3e3c3c3c3c3f3 |
|
VISUAL
colorHash
|
0e0002c0000 |
|
VISUAL
cropResistant
|
d896942ab696f84a,cedadb4eccd19696,cebc3e16726a2a16,e323337364686464,49368e86968696a6,2f33395572705468,2b335111d5727050 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 59 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain