Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1F1B31BA43565B967177303EB10DF1602B279512FC40E8D20B374ECAA7B6DC8BA167F86 |
|
CONTENT
ssdeep
|
1536:R7Q2IPHMLPlhpEpKUF8fH79YCGXFfbsQmlo2h2wV9LHd8tVPTMn57Bd0uq++mX8z:RcqoXjUMAL98n0d0++T |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ed6d939292929369 |
|
VISUAL
aHash
|
ff919191f9ffffff |
|
VISUAL
dHash
|
cb272327c31a0b2b |
|
VISUAL
wHash
|
a181819191ffabdb |
|
VISUAL
colorHash
|
07400000240 |
|
VISUAL
cropResistant
|
cb272327c31a0b2b,634be3838bd89a4a |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 12 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain