Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15113B772A1601837617FA3D9F459F70191E3E70ECA825BE2A1E8A3760ADDC61BC1351A |
|
CONTENT
ssdeep
|
768:Y6uyXBXWotr5WKsGGGqbyAvBRUpV/ModdiEK:Y6uyXBXWotrUK2GqXXUpV/MoDiEK |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b49366cccd2639c3 |
|
VISUAL
aHash
|
c7c7c7ffffc3c3c3 |
|
VISUAL
dHash
|
8e0e0e1e20962f0f |
|
VISUAL
wHash
|
42c7c3c7df838383 |
|
VISUAL
colorHash
|
06000018200 |
|
VISUAL
cropResistant
|
8e0e0e1e20962f0f,f16e8c03ecece4c4,afa4a4b4b6b4a4a4,8882ea0a221b1b12,1143c68eca8ececa |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 237 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 10 other scans for this domain