Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18031687050859E3B95CAE3F06A30670E27D2C392DA8B0A0492ECD79E5FF6D85CD5A168 |
|
CONTENT
ssdeep
|
24:hR/CcY1OMN8b3s3NBlBmi/nEVyiBJVyb1QRjHb7gUbzJvcFXVPozvcFXVa:TXYNICLnmi/lcuJ0jfBvcnuvcna |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f3a38c4ca3666699 |
|
VISUAL
aHash
|
ffffe7e7ff0000ff |
|
VISUAL
dHash
|
28284d4d48288000 |
|
VISUAL
wHash
|
2020242400000003 |
|
VISUAL
colorHash
|
06007000000 |
|
VISUAL
cropResistant
|
28084c484d4d4948,0000000000000000,61176171790d5141,0c68106860500000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 56 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Portugués | Inglés | Trigger |
|---|---|---|---|
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain