Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19C2255B199509D3B129386E4BA71AB0F73E44788CF432701BBF8539E1EC6CA5DC4B095 |
|
CONTENT
ssdeep
|
192:OJKnr17ZkM/Y/Q/2YgBhJpsfcrvbW/Liwqgw:O8r17ZhayX6Mf+jWufgw |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
a62c7959d3c31636 |
|
VISUAL
aHash
|
0001077fffffffff |
|
VISUAL
dHash
|
5137eccc28500000 |
|
VISUAL
wHash
|
00000303e4fcfcfc |
|
VISUAL
colorHash
|
07007000000 |
|
VISUAL
cropResistant
|
5137eccc28500000 |
โข Threat: Phishing
โข Target: Microsoft Outlook users
โข Method: Impersonation and Social Engineering.
โข Exfil: JavaScript with eval and fromCharCode
โข Indicators: Domain mismatch, suspicious text, brand impersonation, JavaScript form submission detected.
โข Risk: High
The site is designed to trick users into clicking the call to action, which leads to a form that will likely phish the user's Microsoft credentials.
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain