Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T174E229B4A230D335B1C24BE8DA6425287A5FE1DCD7C695B4E388AF11B0D6CE8D5260CB |
|
CONTENT
ssdeep
|
384:4r/aMJguH8mLRhiXkdvNTDhPhLxeAxeDWNW1Tp34PxeeJEmuW3AsGyzRWIMd:4r/aMJguj1hhPhleMeDGCSPxeeWmHRW |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c3393ffc6815384c |
|
VISUAL
aHash
|
00242070f0f67670 |
|
VISUAL
dHash
|
4cccdac1c1c4ccc1 |
|
VISUAL
wHash
|
802620f0f0fefff0 |
|
VISUAL
colorHash
|
30600018000 |
|
VISUAL
cropResistant
|
69e8f0b9f8686868,88304c4d4c300882,4cccdac1c1c4ccc1 |
• Amenaza: Phishing
• Objetivo: Usuarios que buscan recompensas
• Método: Página de registro falsa
• Exfil: Datos sensibles del usuario
• Indicadores: Ofuscación de JavaScript, URLs de WebSocket sospechosas
• Riesgo: Alto
The site mimics a legitimate service to trick users into providing personal information.
JavaScript is used to send collected data to a remote server.
Pages with identical visual appearance (based on perceptual hash)