Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T160E34531C6A50327D215078AE7DB3B5662DBD2C7CD527CE8F2A08135DBBAC482C76DA1 |
|
CONTENT
ssdeep
|
3072:HlZIKJrjylK2E6IOZuagKI3ImJS2wgIYLQICeIkPksuGIyIhuBnhfbO:FOKNQ5I9f3NhbO |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e816a7b0c88f7731 |
|
VISUAL
aHash
|
ff00008040cefffb |
|
VISUAL
dHash
|
8e317131919c3213 |
|
VISUAL
wHash
|
ff00808040cffffb |
|
VISUAL
colorHash
|
0e401008040 |
|
VISUAL
cropResistant
|
90022f2b104a91b1,a636723869f4f251,7131b1909c221333,00829c9c8c949200,b1317131b1b1949d,e0fbf7f37ccff9fe,9f8d0d8c8f232264 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 104 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain