Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16E728620C843DD7B25E2AAE19665DF29F1D18BA1CA314C54D3F4CBCE9B89F5CDE12842 |
|
CONTENT
ssdeep
|
192:WWKbPeJfBqCVl4EsYbLkyXSVY07hzdFkKQsh1cAV:WWwI5PtHixh1tV |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ece943929238e1ed |
|
VISUAL
aHash
|
fffffbffff000000 |
|
VISUAL
dHash
|
092312372452f0d4 |
|
VISUAL
wHash
|
edffc3dfdf000000 |
• Threat: Phishing targeting cryptocurrency wallet users.
• Target: Users of imToken, a cryptocurrency wallet application.
• Method: Impersonates the imToken brand using a fake website to potentially steal wallet information.
• Exfil: Unknown, likely targets credentials and wallet access.
• Indicators: Mismatched domain (m.imtokex.com vs imtoken.com), new domain age.
• Risk: HIGH - Potential for immediate wallet compromise and fund theft.
Pages with identical visual appearance (based on perceptual hash)