Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EEA364205909983F0EA735C8A17D7B59E2D5830BCB53048DF7F583798BCAD69E93A12C |
|
CONTENT
ssdeep
|
1536:3hjHdNV9XaZz1C9eJNyERXO7A8L+fPUeKskrU/OoqZyhpsU33qNI50LqI/f/sIxg:3hzdoZz7nl3M7j/3d7q |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ed9992661c9965c9 |
|
VISUAL
aHash
|
9fffd9d191e3fffe |
|
VISUAL
dHash
|
3b3b133327260f4c |
|
VISUAL
wHash
|
81db818191e3ffa6 |
|
VISUAL
colorHash
|
07601008000 |
|
VISUAL
cropResistant
|
3b3b133327260f4c,450100f00591390b,9e9c94241939396b |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 180 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain