Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A2932BA43A58F56659B343A350EF2103B338552B540E4C20B354ECAE76ADC9FA077FDA |
|
CONTENT
ssdeep
|
1536:FVpXND+XFfbsQmlo2h2wV9LHd8tVPTMn57BAEuW8Fuz8k:aXjUMAL98n0AI8Fg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f38a77887588d52a |
|
VISUAL
aHash
|
e7e7ffefefffe7e6 |
|
VISUAL
dHash
|
0c4c0c5a581a4d4c |
|
VISUAL
wHash
|
2727070f070f0f06 |
|
VISUAL
colorHash
|
07e00000000 |
|
VISUAL
cropResistant
|
0c4c0c5a581a4d4c |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 12 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain