Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19FA1947060405D7A582BCA74F7D4F21B5A6FD318D23BA09CA789427A23D2D90C9239E4 |
|
CONTENT
ssdeep
|
96:TvSBvsyZuWrF+/kOsxK55u7XqMjgpQOmekQY883ikQz883TjYKkLBkTk:TvSBkyZuoFaHUrXWX/YK8B3 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8877668d99736664 |
|
VISUAL
aHash
|
0000001818180001 |
|
VISUAL
dHash
|
fffff7b2b2b3cffb |
|
VISUAL
wHash
|
00011b1b1f1f3f7f |
|
VISUAL
colorHash
|
08006000040 |
|
VISUAL
cropResistant
|
626ccc7061007171,fffff7b2b2b3cffb |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 14 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain