Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T173A1BBB25148A87F82C341F4C7B1EF1E3696D256DA12510492FC57DEAEE0EC2CE299F0 |
|
CONTENT
ssdeep
|
48:TGupRNLMJoUv8oWI26KHGDq3KADR0k347ZYoJC9mzbjx+:TGuH9KpWI0TRveYoJCGbjx+ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9a4d64b26d989a6d |
|
VISUAL
aHash
|
81001919390e0703 |
|
VISUAL
dHash
|
2d177371634d0d33 |
|
VISUAL
wHash
|
8783193d3f27031f |
|
VISUAL
colorHash
|
38001e00000 |
|
VISUAL
cropResistant
|
2d177371634d0d33 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 4 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain