Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T133C1221C3450E5FB0A275F9A7AD0FC45B985B309C13E907AD6EF12B956E2F818EB0816 |
|
CONTENT
ssdeep
|
96:zTa5sBaEzsjxOQAqM4z8zdMpz8zgZBrCw/:zTEEWOQAqN6dO6gZQw/ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc663399cc666699 |
|
VISUAL
aHash
|
0000181818180000 |
|
VISUAL
dHash
|
00083032b2300800 |
|
VISUAL
wHash
|
00001c1c3c3c0000 |
|
VISUAL
colorHash
|
38000000000 |
|
VISUAL
cropResistant
|
8a304c4c4c0a8482,00083032b2300800 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 7 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain