Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1BE13D7206211B76A9C734F34F38A30B6D1AE9384E5E6B82DB355835534E3179C74BCEA |
|
CONTENT
ssdeep
|
768:kmY0wA3insAXsRYP+hPVL4R3E4tn/8WPtPfPWRgPvSlAPRq8Z7U1c/jPYLPWSPJ+:kmY0wA3ins+sRPfo3E4tn4ASkq8Z7U1A |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e5659a9a339c8e64 |
|
VISUAL
aHash
|
ffc3c3c3c3ffffff |
|
VISUAL
dHash
|
518696969e000660 |
|
VISUAL
wHash
|
00c3c3c3c0fcfc9c |
|
VISUAL
colorHash
|
06000000e00 |
|
VISUAL
cropResistant
|
518696969e000660,b2e3db93db9b9f78,b0a9ec696529597e |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 394 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain