Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DF639732A25658039097D2D5F1719B1F22828389C7174BA163F857BE7ECACF5AE123DC |
|
CONTENT
ssdeep
|
1536:BOrMUfOUbJo+ki7yf/WugIu5RbuLuMuuuouaRPozXuZwf+mkR2GRleVO+eH99hGo:QrMG7eaXiSX1TumkR2k8VleH99hG3SGg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d3246c324dcfc996 |
|
VISUAL
aHash
|
00207c7c0e6c3c3c |
|
VISUAL
dHash
|
c4ccd8d8dcd8d8d0 |
|
VISUAL
wHash
|
20427e7e4c6c7e78 |
|
VISUAL
colorHash
|
06200038000 |
|
VISUAL
cropResistant
|
c4ccd8d8dcd8d8d0,f0ec496198dc84fa,7324849d9d98dc71,2bebc9f92d2d250d |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 20 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain