Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1ABF1B861A041653F93A2A3C8B7B7F62AD3C342DBE9121921E7FF8B9F59E1E60C403145 |
|
CONTENT
ssdeep
|
96:VSg7lvl0PYST/ZM9iXSZSZSeCUstNAoLSgB2SgiSTfPuQUS+1vF03RMwTtM3oGSS:GPxOkCIINHz2gNgf6QnRM6m |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9cb494b53434ccde |
|
VISUAL
aHash
|
f63c3c0000383c3c |
|
VISUAL
dHash
|
947171b260726960 |
|
VISUAL
wHash
|
ff7f3c1800383c3c |
|
VISUAL
colorHash
|
38400030000 |
|
VISUAL
cropResistant
|
947171b260726960 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 16 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 4 other scans for this domain