Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B3220193110C6A65C3B341994810268062839A4FC9B0CB7096ED4E7F1FF6E9757A2F7E |
|
CONTENT
ssdeep
|
192:Y3O6qln6OmCHjbO1jZRAmWjwSAxiMkyDzY4PYjFWjwfAxQrgqJ4Xbh:IOmC0R5SbYYnfx4N |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bcac43c30de9639c |
|
VISUAL
aHash
|
fbffdfdfdfffff00 |
|
VISUAL
dHash
|
233f3733260c14c4 |
|
VISUAL
wHash
|
99c783839fe7c700 |
|
VISUAL
colorHash
|
076000000c0 |
|
VISUAL
cropResistant
|
230b3733362c0e16,4000c4c600400000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 5 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain