Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CF13A5A6C23A566ED44B0FDDFB21636D12BB91CEC2A52044EE8C07A650D5DC8EF725CC |
|
CONTENT
ssdeep
|
768:tSTuOm3Ld3zczZz4zp7X000/R00003R00007t000A0000x1S0000x1Y0000x1m0/:cuO65I9Ed7X000/R00003R00007t000E |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d050fab29585a5af |
|
VISUAL
aHash
|
7c00007effe7ffff |
|
VISUAL
dHash
|
c4a1e0f05d0e3d40 |
|
VISUAL
wHash
|
00000038ffc7ffff |
|
VISUAL
colorHash
|
06002001048 |
|
VISUAL
cropResistant
|
c4a1e0f05d0e3d40,d3b6e4c282d0a0a2,00010101010104b1,128c1c3868a02044,f139cdcde9e9d953 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 10 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain