Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15A7252B6E51DA927076382D8B3B1B34EF7428485C9824B8FE5F5D38C2FE3C61D926215 |
|
CONTENT
ssdeep
|
384:RpjFCjO9Y3k9r9X9xP9wi9V92d9dpRpVHpgp6pG09cpJ9Y96IBd27:RpcAiNpRpVHpgp6pGtYw |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e51e9a61a1639e9c |
|
VISUAL
aHash
|
c0de9ee1e3e3e3ff |
|
VISUAL
dHash
|
2038240f47074f30 |
|
VISUAL
wHash
|
80889ec1e1e1e3ff |
|
VISUAL
colorHash
|
0e000000190 |
|
VISUAL
cropResistant
|
2038240f47074f30,b4beae8b8b8e8f13 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 11 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain