Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D973727511436E3F118387D5C36CE35AE386D609C767998BDBE8831B338AEA4CD39168 |
|
CONTENT
ssdeep
|
1536:Vb9MVcR1gNcE802amePeyCCM0Au1uIg+C0Ax9mo8Sy:sDEuzAsj5L |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e840a6bc366eb6b2 |
|
VISUAL
aHash
|
00000000ffffffff |
|
VISUAL
dHash
|
84d383339437270c |
|
VISUAL
wHash
|
00000000ffffffff |
|
VISUAL
colorHash
|
06010000e00 |
|
VISUAL
cropResistant
|
108a88cbcbc988c8,3a65e5679ab93d25,38789d9c8c8c8d8f,a76464bba3535347,82928ccccc8cb282,c512302327000f0e,948bf3d3832b3393 |
• Amenaza: Fraude de Inversión
• Objetivo: Usuarios buscando trading automatizado
• Método: Phishing recolectando datos personales (PII)
• Exfil: /send
• Indicadores: JS ofuscado, promesas de IA genéricas
• Riesgo: Alto
The site uses a deceptive landing page to gather personal user data, likely to be used in follow-up scams.
Hides the exfiltration endpoint to prevent automated detection.
Pages with identical visual appearance (based on perceptual hash)