Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10324B815A349876E092B93D4D0313BEA3642F7CBC744E15CDBE9A592CEC3CF82514BA9 |
|
CONTENT
ssdeep
|
1536:ryIabEFRm0msmt3NfLnsLJ6veMmi6tQhfdLso9Od+bLyFLxhK6FPWp1D7fo8Nuv5:UZndKi6tQuR5b0ZV1+ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
946eb1c8b16fcc86 |
|
VISUAL
aHash
|
0c0414007e7e207e |
|
VISUAL
dHash
|
79486c07f0f0ccdc |
|
VISUAL
wHash
|
bf0410007e7e6e7e |
|
VISUAL
colorHash
|
38400008040 |
|
VISUAL
cropResistant
|
363226030995bbf9,79486c07f0f0ccdc |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 3024 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Found 2 other scans for this domain