Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1ECA27370518A693B01A3C6D2E67667ABB2E1860EDB039651E3FC635F0FCBF94ED55200 |
|
CONTENT
ssdeep
|
384:P3jAADGY0VkxGSVnfLUTGt8u15TmfLYroUa87mV:P3jAAaY0VkxVJfLUT3u15TmfLUf7mV |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e31eb146b1ce1ab8 |
|
VISUAL
aHash
|
0000183c0020ffef |
|
VISUAL
dHash
|
e89669691ee0c61e |
|
VISUAL
wHash
|
ff001c3c0030ffef |
|
VISUAL
colorHash
|
020000001c0 |
|
VISUAL
cropResistant
|
800080a080008000,ccb3b3c5c566c080,e4e01c00969e9e9e,20069669694410e4,2c3d3d2b230301c1,e7e7e7e7e7e7e7e6 |
• Threat: Impersonation and potential credential harvesting phishing
• Target: Users seeking municipal services, possibly targeting Spanish-speaking regions.
• Method: The website impersonates the logo of UNGL, prompting users to register, potentially stealing credentials.
• Exfil: Unknown, likely designed to steal information or redirect users.
• Indicators: Domain name mismatch (ungl.cr vs formulariovirtualenlinea.com), unclear purpose beyond registration.
• Risk: HIGH - Potential data theft due to brand impersonation.
Pages with identical visual appearance (based on perceptual hash)