Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E34103305059BD735113E2E87BE06F8B21C7C706C64E294D92F4A39D1EE6C4CDE93659 |
|
CONTENT
ssdeep
|
24:hMs2m7IkWG0vsJhhzR/RxNgVD7VyUlMxnPrMxnsTnEbac7NXQqqkyW1A:LUkKUJhhzJR7OVyUyxnPgxncngzyW1A |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83fe6d0103039bfe |
|
VISUAL
aHash
|
3f3f3f3f3f3f3f3f |
|
VISUAL
dHash
|
d0c6ccccd0d0d0d0 |
|
VISUAL
wHash
|
3c20242400000000 |
|
VISUAL
colorHash
|
060000001c0 |
|
VISUAL
cropResistant
|
808c989880808080,f184acb6b6ac84f3,0e71710e20000000 |
• Threat: Credential Phishing
• Target: Microsoft Outlook users
• Method: Impersonation of the login page.
• Exfil: https://submit-form.com/Mmj7NWxH1
• Indicators: Domain mismatch, form requesting credentials.
• Risk: High
The attacker attempts to steal user credentials by mimicking the Microsoft Outlook login page and redirecting submission to a potentially malicious third-party service.
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain