Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1BE3276A35144601E612B8ACB9E15AB6C32F730BFE5FB0541FBED87C4DBAAC50ED05844 |
|
CONTENT
ssdeep
|
192:WC6U2222O5400UAAqRZ6sOTi9sTkRi+BShlOY4003AAqRZ6WWNcNlTOB8VMc:sO0YRZ6C9sqE80BRZ63GlTgzc |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92926d6d64929ee5 |
|
VISUAL
aHash
|
7e2c2e6c00180000 |
|
VISUAL
dHash
|
f4d8cdcdd970b270 |
|
VISUAL
wHash
|
ff7e7c6c003c1838 |
|
VISUAL
colorHash
|
31000038000 |
|
VISUAL
cropResistant
|
f08047cf86c79b36,8e37796b677965f0,f4d8cdcdd970b270 |
• Amenaza: Kit de phishing para robo de credenciales
• Objetivo: Usuarios de PenguJak internacionalmente
• Método: Promoción falsa de airdrop para robar datos de usuario
• Exfil: JavaScript ofuscado detectado
• Indicadores: Dominio reciente, dominio no coincidente, oferta limitada
• Riesgo: ALTO - Posible robo de datos y pérdida financiera
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain