Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17B84B6A3E5B23033213B91D5E57E739860D2E31EE3424794EAE9033857DADA73917878 |
|
CONTENT
ssdeep
|
6144:U1iLFNfzZ6BCo62HqnSMlcryHYU2m0hNawP5+2CUsOGJhBgaoVeMOf9QHOAWIzCA:tlNp4ZKNTvtLfGmqmrtpVbvTOT |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e6424f1b131d926f |
|
VISUAL
aHash
|
00f3f7ffc7ff8381 |
|
VISUAL
dHash
|
c187851655fd0747 |
|
VISUAL
wHash
|
00e1f7c787ff8181 |
|
VISUAL
colorHash
|
06603000000 |
|
VISUAL
cropResistant
|
8282c2d2d2828282,878516165de00747,c8e860c84116d601,892726c79b33336f,70599858704dd978,4505151111050d41,062385a189192987,31b5272bb3b6ba33,090909090909c121 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 2628 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain