Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DA21127140544CA9D102E0D453D1EA4D39DBC622CECB15116AF8879D76FDC82CE645D5 |
|
CONTENT
ssdeep
|
24:I2Co3iZh8Gqhoiw5TdmPyhSr76hcxPwN9uENMSC2E:Im8GGgoi4dmPy9hcxIHxKd |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
881d267399dcccd9 |
|
VISUAL
aHash
|
0000181818180800 |
|
VISUAL
dHash
|
cfb3b2b2b2b2b3cf |
|
VISUAL
wHash
|
01191b1b1f1f1f1f |
|
VISUAL
colorHash
|
000000001c0 |
|
VISUAL
cropResistant
|
cc8e96e8f4c07113,cfb3b2b2b2b2b3cf |
• Amenaza: Phishing
• Objetivo: Usuarios de Microsoft Outlook
• Método: Recopilación de credenciales
• Exfil: https://smartforms.dev/submit/696d6c4cc184545ccc21863f
• Indicadores: Dominio sospechoso, acción de formulario a un sitio externo, suplantación.
• Riesgo: Alto
The site impersonates a Microsoft Outlook login page and collects user credentials through a form.
Form data is sent to a suspicious external domain instead of the legitimate service.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain