Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T165D11FA75108142E263306DCE265339A74A7B31ECBA6191CD2ACD33783ECDA7F967C15 |
|
CONTENT
ssdeep
|
96:TA5K1tUbOw7NoI+VbNRYmR94ij82SEFEOxtTh+hvb5uST:U5K1tUbB7rGNXHDNWO/Th+hDT |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e4c793389a316ccd |
|
VISUAL
aHash
|
fff3f3f3f3c3c3ff |
|
VISUAL
dHash
|
f8e6862626869640 |
|
VISUAL
wHash
|
1c31c3f3d1c1c1fc |
|
VISUAL
colorHash
|
06006040000 |
|
VISUAL
cropResistant
|
f8e6862626869640,26252424e4c06713 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 22 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain