Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T109E1507154A4AA7B019BC6D477B0EB1A72C2C20ECD831A85A3F8835D5BE6C62FC46356 |
|
CONTENT
ssdeep
|
96:sNC70lHR08/P39qD7f2zd5hK88PDwGBBnMIVijYzIlqJJx2VDqWslymfD:OC6eSEDz2B5Q88P4OCbe |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f3614ccf716348c9 |
|
VISUAL
aHash
|
00ffffc7ffffff00 |
|
VISUAL
dHash
|
c411160e28282890 |
|
VISUAL
wHash
|
00c6d8c0cffffc00 |
|
VISUAL
colorHash
|
06000038000 |
|
VISUAL
cropResistant
|
c411160e28282890 |
• Threat: Phishing
• Target: STRATO customers
• Method: Impersonation of STRATO login page.
• Exfil: login.php
• Indicators: Domain mismatch, generic hosting, form detected.
• Risk: HIGH
The attacker aims to steal the user's STRATO login credentials (username and password) by presenting a fake login form that looks like the real STRATO login.
Pages with identical visual appearance (based on perceptual hash)
Found 4 other scans for this domain