Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T198412563A3844817432793D14FC7B26492AA4A9FE5011D019AEC53AD07E9FF4E8673CA |
|
CONTENT
ssdeep
|
48:TBMYYIJjPjzdNfYoHYPTNR87TNlQfyzWrSQT1vpOKICV1:TxYsLjY8YAXm9SQ5vpPBV1 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc9c33338c8e3733 |
|
VISUAL
aHash
|
0200181818180000 |
|
VISUAL
dHash
|
0610303030300000 |
|
VISUAL
wHash
|
0f003cbcbcbc0000 |
|
VISUAL
colorHash
|
38000030000 |
|
VISUAL
cropResistant
|
0610303030300000 |
• Amenaza: Drenador de billetera cripto
• Objetivo: Usuarios de APX Finance
• Método: Portal de votación malicioso
• Exfil: Solicitud de firma de billetera
• Indicadores: JS ofuscado, dominio nuevo
• Riesgo: Alto
The site uses a deceptive 'vote' interface to prompt the user to connect their Web3 wallet and sign a transaction that grants the attacker access to assets.
Uses official-looking branding and logos to trick users into believing they are interacting with the genuine APX Finance governance portal.
Pages with identical visual appearance (based on perceptual hash)