Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15E3377319480A93B4153D3E4F3B4AB6EB3E5C645CF03069A93F9839A5FDBC849E2125D |
|
CONTENT
ssdeep
|
384:hQaw7gPzEM0ZlISU0Z8IGcES6BxG3nigXY9iKdLLLL5JLLLLjLLLLqALLLL65UnR:STgP4Hlt6Bx+TY9iKTsyfwbQUm79 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92ce69929696c2ed |
|
VISUAL
aHash
|
ff00642e2e6e0400 |
|
VISUAL
dHash
|
8cc1cccccccccc83 |
|
VISUAL
wHash
|
ff40767e6e6e0600 |
|
VISUAL
colorHash
|
39001000088 |
|
VISUAL
cropResistant
|
0004049c8c800400,e2c0eae0a0a2f0f2,56565e9275759868,8cc7cccccccccc83 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 43 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain