Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17272113050104D3212B783D4AEA56B1E31D9D319CE0349C51AE9CB5FEFDBE49C86B5BA |
|
CONTENT
ssdeep
|
384:Y2mrfQukPEP/9GIwEC1a49RxErC1aUz9Rj9Rt/nV4Iwa9P19d95e6Ek:aQ6AIwEC1a4vxErC1aUzvjvt/ViaZ1DL |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9b5dc1f40cc11bc7 |
|
VISUAL
aHash
|
ff0f0d0f030f7f7f |
|
VISUAL
dHash
|
da5959797f39eaca |
|
VISUAL
wHash
|
6f0f0d0d010f6f2f |
|
VISUAL
colorHash
|
06601040200 |
|
VISUAL
cropResistant
|
da5959797f39eaca,4d4f959f899393cb,2114686170720420 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 45 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain