Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18E21FD708013EC77A0B2E2E187B993AF22D0C755D94713269BF9936C0ECAD88ED56152 |
|
CONTENT
ssdeep
|
12:nwMy7FUQkpuG6BlzFMh6EW8qS9SPQKMxdjthJbFCbjUZl1chgzym7+1g7sVsb8af:n/CsOBwh6E1q0V7jtDFCbWWmRoauc |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9999e6cc1933b38c |
|
VISUAL
aHash
|
3c3c3c18183c3c3c |
|
VISUAL
dHash
|
f0f0f0f0f0f0f0f0 |
|
VISUAL
wHash
|
7e3c3c3c183c3c3c |
|
VISUAL
colorHash
|
18007000000 |
|
VISUAL
cropResistant
|
f0f0f0f0f0f0f0f0 |
• Threat: Cryptocurrency wallet phishing
• Target: Ethereum users
• Method: Fake financial dashboard mimicking a wallet
• Exfil: Unknown, likely collects login or transaction data
• Indicators: Free hosting, no official domain, financial interface
• Risk: HIGH - Potential for unauthorized access to funds
Fake Ethereum page designed to appear in search results and trick users into visiting. May redirect to credential harvesting pages, malware downloads, or serve as a trust-building step before requesting sensitive information.
Uses stolen Ethereum branding elements and design to appear legitimate and build victim trust.