Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T191A36A33411935274437C6D530A55B3BD2A79A4FFAE70A010EECD7EA1BFACA0B45B11A |
|
CONTENT
ssdeep
|
1536:x+fLz4NP/y9svbliCd/b9FtiuCa28y2O9:8mAv |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d361fc32cd3c9069 |
|
VISUAL
aHash
|
00602000000400ff |
|
VISUAL
dHash
|
8ccccce8c9cc3df2 |
|
VISUAL
wHash
|
c0fefe00246f00ff |
|
VISUAL
colorHash
|
390410002c0 |
|
VISUAL
cropResistant
|
ca55714d4d715596,008081303000a000,9cccccd0e8ccdc33 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 54 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain