Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E34103305059BD735113E2E87BE06F8B21C7C706C64E294D92F4A39D1EE6C4CDE93659 |
|
CONTENT
ssdeep
|
24:hMs2m7IkWG0vsJhhzR/RxNgVD7VyUlMxnPrMxnsTnEbac7NXQqqkyW1A:LUkKUJhhzJR7OVyUyxnPgxncngzyW1A |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83fe6d0103039bfe |
|
VISUAL
aHash
|
3f3f3f3f3f3f3f3f |
|
VISUAL
dHash
|
d0c6ccccd0d0d0d0 |
|
VISUAL
wHash
|
3c20242400000000 |
|
VISUAL
colorHash
|
060000001c0 |
|
VISUAL
cropResistant
|
808c989880808080,f184acb6b6ac84f3,0e71710e20000000 |
• Amenaza: Phishing de credenciales
• Objetivo: Usuarios de Microsoft Outlook
• Método: Impersonación de la página de inicio de sesión.
• Exfil: https://submit-form.com/Mmj7NWxH1
• Indicadores: Coincidencia de dominio, formulario que solicita credenciales.
• Riesgo: Alto
The attacker attempts to steal user credentials by mimicking the Microsoft Outlook login page and redirecting submission to a potentially malicious third-party service.
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain