Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D98111319258983F988387ECF3A0FF1B268782A9D7421955B2FDD79A8BC6D51CE0059C |
|
CONTENT
ssdeep
|
48:QsCeNmTNMgr4SXUpoDo9yZ1H+P9QlqIXeQZfEkQSqMOT97EAdHw0LKZrxH2ADfxl:UWFyWYeQdEylhAqZ9it0NqM |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d71a552e770a5532 |
|
VISUAL
aHash
|
00ffffffe7fffffe |
|
VISUAL
dHash
|
281018304c0c110e |
|
VISUAL
wHash
|
000c3f3fc0fcf8e0 |
|
VISUAL
colorHash
|
070000180c0 |
|
VISUAL
cropResistant
|
209810384c00010e,00000288988c4208 |
• Amenaza: Phishing de tarjetas de crédito dirigido a clientes de Aruba.it.
• Objetivo: Clientes de Aruba.it.
• Método: Formulario de pago falso para robar datos de tarjetas de crédito.
• Exfil: Los datos se envían a hassan2.php.
• Indicadores: Dominio no coincide (climbwest.com.au vs aruba.it), formulario de tarjeta de crédito, acción de formulario hassan2.php.
• Riesgo: CRÍTICO - Robo de tarjetas de crédito en tiempo real.
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain