Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16A716B71918299A71193D1D09B775B2F76C4C349CA9B4B0763F8A3AFBFD5C84ED02045 |
|
CONTENT
ssdeep
|
48:Tn3FsyZjc0Nw/uYJG2wuD7X9vsv+JN5TNWJnECa:Tnjjc0NEtbNvYJEd |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b16c33936d9c3499 |
|
VISUAL
aHash
|
c3c3c3dbffffefc3 |
|
VISUAL
dHash
|
9e8e96b6b24d0a9e |
|
VISUAL
wHash
|
0303031b18240000 |
|
VISUAL
colorHash
|
06030008200 |
|
VISUAL
cropResistant
|
9e8e96b6b24d0a9e,fffcf7f3dc03d3f3,4d333d4d55554d8c |
• Amenaza: Phishing
• Objetivo: Usuarios desprevenidos
• Método: Suplantación de dominio/redirección de tráfico y intentos de descarga de la aplicación.
• Exfil: Desconocido, probablemente datos personales o malware a través de la aplicación.
• Indicadores: Similitud del dominio, botón de descarga.
• Riesgo: Alto
The site tries to attract traffic by listing similar domains. This often includes misspelled or slightly altered domain names.
The site attempts to get users to download an app, and it's highly likely that this application contains malware or harvests data.
Pages with identical visual appearance (based on perceptual hash)