Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T140F020E481BC0EAE8FD3B2A949D0316F6181CFC0CB47075409FD82F807C8E80DA2B089 |
|
CONTENT
ssdeep
|
6:haxUKzVfAbplGMu7SYwFegbP1EYaigZRWnlbOq91fvZmiY4HK4wybE6cgQa0nLgV:haxxC2LwFegblbOW1f0F4iqcgogaVX2 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc6633998c66669b |
|
VISUAL
aHash
|
0000001818180000 |
|
VISUAL
dHash
|
001028b2b2320c10 |
|
VISUAL
wHash
|
0f0f1b1b1b1b0f0f |
|
VISUAL
colorHash
|
381c0000000 |
|
VISUAL
cropResistant
|
b28e94b6ac9a9ab2,8084908c8c900080,001028b2b2320c10 |
• Amenaza: Phishing / Gatekeeper
• Objetivo: No especificado
• Método: Captcha falso para evadir filtros de seguridad
• Exfil: Ejecución de JS ofuscado
• Indicadores: JS ofuscado, captcha no estándar
• Riesgo: Alto
The page uses a fake captcha wall to obfuscate the real destination or malicious script execution from security scanners.
Once the user interacts, JS execution triggers an unmasking redirect to a phishing or malware site.