Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D6B21163B5821567229B62CEF11A2D0CD0C692CBC69D4EDCF6F0109DE5E2EF43356E68 |
|
CONTENT
ssdeep
|
192:pH0u/50+q+cJhlpzeQxZEUxsyT08xUsyx+LII8IEy35RMHCPiAMMQCrW7peRD9yu:pHZjKhlVakEir8IEKHqmM88/oj |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ba63c36a9096a73c |
|
VISUAL
aHash
|
e1c1819d818181df |
|
VISUAL
dHash
|
4d133b1131353539 |
|
VISUAL
wHash
|
e1c18bdf818181ff |
|
VISUAL
colorHash
|
06400018200 |
|
VISUAL
cropResistant
|
4d133b1131353539,78f89c3870218f1f,0000008020206076,941b5b9032b6b632 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 950 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain