Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14663F950230173AA2C334F70F34972B6D1AFC389F5A6782DB299835171D317AC757AA9 |
|
CONTENT
ssdeep
|
1536:km10wA3ins+mIMfo3E4tURMSoq8Z7U1c/jcgYJ7w/YVPx/thXKzny7O+Xw:hbYJ7+ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b38e9937360c9d8c |
|
VISUAL
aHash
|
8fc7ffe7e7e7c3c7 |
|
VISUAL
dHash
|
591f164d4d0e161e |
|
VISUAL
wHash
|
89c1c3c7e7c3c383 |
|
VISUAL
colorHash
|
07002e00000 |
|
VISUAL
cropResistant
|
591f164d4d0e161e |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 394 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain