Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T113D3E93092545E3AB1A393E0F3316B6A72668295DE030F4993F4D769A7DBCDADC270C4 |
|
CONTENT
ssdeep
|
1536:6Nfc53atUxGoIO6aGrSQZo+2OTKg/B/shHXT8/hewbl/9bCg/B/shHXT8/hewblw:6OatUxGoIO6aGrSQZo+2OTV6lH9CFIh |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c4c46b4337341fda |
|
VISUAL
aHash
|
40f8ff577220e000 |
|
VISUAL
dHash
|
98c3b6b6a4648077 |
|
VISUAL
wHash
|
7cf87f577820f001 |
|
VISUAL
colorHash
|
39400008080 |
|
VISUAL
cropResistant
|
c0e0c0c0e0c06060,2626dcc394a42555,2a29a94936962252,2636d5d725485a65,98c3b6b6a4648077 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 122238 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Found 1 other scan for this domain