Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A331227061081AB34243F2C46286F75B79D341A9EFA612001BBB63E882AED6CC414683 |
|
CONTENT
ssdeep
|
24:hRGXDfBTN/+TN/0AlZhGy0wh7HHoYU/DECIn2Xeda/nxcLJG:TwJTNmTNMKUyPNoX/opnweaSJG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
de8e65656d393064 |
|
VISUAL
aHash
|
3c3c3c3c3c240000 |
|
VISUAL
dHash
|
6169696961490000 |
|
VISUAL
wHash
|
fcfcbc3c3c3c80c0 |
|
VISUAL
colorHash
|
01003c00000 |
|
VISUAL
cropResistant
|
0000000000000000,213351e0e0315149,0000000000000000,6169696961490000,4100401090400001 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 37 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain