Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T190B356F3504C6027130261C5AA142E45F5AB92BF5EDF8225C1BD0B6DF3E3D99E81D3AA |
|
CONTENT
ssdeep
|
1536:uojCBsTSvOPj05qhYN5vmZ4hYWabgvy/RtIvm76ws2GglZSwGsqn/FIaLhdng1GF:Fq/uTTfoJxLs32oO2BJ0UOp |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f64ea86b19995326 |
|
VISUAL
aHash
|
f9d0e68ee4e4ffff |
|
VISUAL
dHash
|
51242c2a2cc9320b |
|
VISUAL
wHash
|
b8908686c0e0dfff |
|
VISUAL
colorHash
|
0600b200040 |
|
VISUAL
cropResistant
|
51242c2a2cc9320b,85397544546479e3 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 124 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 3 other scans for this domain