Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A3716A7191829AA71193C1D09B775B2F76C0C309CA9B4B0763F8A3AFBFC5C84EE02045 |
|
CONTENT
ssdeep
|
48:nn3FsyZjc0Nw/uYJG2wuD7X9vsv+JN5TNWJnECa:nnjjc0NEtbNvYJEd |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b16c33936d9c3499 |
|
VISUAL
aHash
|
c3c3c3dbffffefc3 |
|
VISUAL
dHash
|
9e8e96b6b24d0a96 |
|
VISUAL
wHash
|
c0c0c0d8dbe7c3c3 |
|
VISUAL
colorHash
|
06030008200 |
|
VISUAL
cropResistant
|
9e8e96b6b24d0a96,fffcf7f3dc03d3f3,4d333d4d55554d8c |
⢠Threat: Phishing
⢠Target: Unsuspecting users
⢠Method: Download an app using a deceptive expiration message
⢠Exfil: Unknown, but app download likely has tracking. Domain age is 1437 days
⢠Indicators: Domain name, Offers, Domain expiry scare tactics, Obfuscation
⢠Risk: High
The site likely attempts to distribute malware through the app download, or harvests user data through the deceptive nature of the site.
The site uses social engineering through the domain expiration scare tactic and offering prizes to encourage users to download an app.
Pages with identical visual appearance (based on perceptual hash)
Found 3 other scans for this domain