Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10403823090026A3B00C392D6A734A76B72D3D3C6DA6306856BF9C39D5FCBD95CC766A4 |
|
CONTENT
ssdeep
|
384:n0ZFCgBFdPmPF/MdweUfAsIKD8GxO05jC7esNfTL9AMT5KIcDuscDM1KqVEATlA:sFTFdPKFBDI88QO05jC7eKAMJH+K0Pm |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cb56e59218b51d2d |
|
VISUAL
aHash
|
ffb00000001cfffb |
|
VISUAL
dHash
|
2c63632ba92912b3 |
|
VISUAL
wHash
|
ffb02808001cfffb |
|
VISUAL
colorHash
|
0fc00000040 |
|
VISUAL
cropResistant
|
2963632ba92912b3,3849cc3fd9c6eff7,000205d4d4d40304,430f8dcdc7e767e7,9696969311531b59,1f0d0d0c8f232264 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 19 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain