Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CE22E975B298D26BD1534BC4CEF23268B6BBB15EF7150884E79E02D44E8DC4FCA264C8 |
|
CONTENT
ssdeep
|
192:K6UMDTuV9FNb9DYiM5zwYUmUCntRqiPxuUM5Yo4paxFm2OIogC:KETuVtbmiMW/mrntMxFm2OIoD |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f373494c66674949 |
|
VISUAL
aHash
|
00ffefe7ffffffff |
|
VISUAL
dHash
|
4c084d4d00000000 |
|
VISUAL
wHash
|
00e3e3e3f0f0f0f0 |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
0c1c4c4d00080000,004020d0d0400000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 10 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain