Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DBA3D8CD6BF09AF9A883D7E7FB1101883D4E64E61A458978C14C9F98B4C68BCF941D93 |
|
CONTENT
ssdeep
|
768:ydrzrnze6VolvFxUwfY0W8brtRbrP66vD9i+hdrzrnze6VolvFxUwfY0W8brtRba:y7qmCfPFn7qmCfPFd7qmCfPF/ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c83ff22598e41de2 |
|
VISUAL
aHash
|
800018181818f0fc |
|
VISUAL
dHash
|
208c3232707289a9 |
|
VISUAL
wHash
|
c1003c3c3c18f8fc |
|
VISUAL
colorHash
|
38000000007 |
|
VISUAL
cropResistant
|
208c3232707289a9 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 1084 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain