Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A7A186B45A2C8D27166BC1E2F2621B2E1190C286E743121447FE93FCAFD9CA9DF7B445 |
|
CONTENT
ssdeep
|
48:TwYnWYUkxBEuN2uTk6v5qm6J6U09dh9VcdPNWWrpdPr8Z6tPrRIravZzK7g7TsoT:T7nOkxdH5q89ncxwZqvZP7AxTW5NPr |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9999999999999999 |
|
VISUAL
aHash
|
5a24180000000000 |
|
VISUAL
dHash
|
3208100000000000 |
|
VISUAL
wHash
|
ffffffff00000000 |
|
VISUAL
colorHash
|
38400030000 |
|
VISUAL
cropResistant
|
3208100000000000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 48 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain