Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16DB2C8205244262F49A743D8FB799B4EB3A0C386D2574392C6F6D24DD9EECD0ED1D2AC |
|
CONTENT
ssdeep
|
384:MFvmZmfZf145RySpqKZf145RySpS7S5asnve2EB3PoMDykCM3E7LLjpmyjKFM9+X:7m6J7qasDEBgMDnCMU7LLjpmyjKF0+X |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc5c57435658386e |
|
VISUAL
aHash
|
00ffd3dfe7cfefc7 |
|
VISUAL
dHash
|
d000b7360f1b0b0f |
|
VISUAL
wHash
|
00f7d3f7c1c1c1c1 |
|
VISUAL
colorHash
|
07000200006 |
|
VISUAL
cropResistant
|
d000b7360f1b0b0f,0103030b0b0b0001 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 214 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 3 other scans for this domain