Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B202FD726544A9B30193E3E6E770E72F7A86D349CA932686A2F8D74D0FC7C9ACC51214 |
|
CONTENT
ssdeep
|
96:awfGjzfbPziCvH0ohnO+VQ5xBO4vRlQvOiBvlPH71LRJoTB0VdmPSyt20WFyJxyc:awfG//bPvnOw4vRlqhLRJoTGXAxYA |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c3c361616d6dc63c |
|
VISUAL
aHash
|
003c3c3c00000000 |
|
VISUAL
dHash
|
4069696996600000 |
|
VISUAL
wHash
|
687efefe00000000 |
|
VISUAL
colorHash
|
31007008000 |
|
VISUAL
cropResistant
|
9392104000030303,4069696996600000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 22 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain