Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T198334B726332B4B883DF91DEF7382E56B2C2998DE8C74694B5C95A8D13C3C8061977B4 |
|
CONTENT
ssdeep
|
1536:aTHP+EsZ/8u4HOQuDawAMbBrwIMbBKwcN2/y9dGXDiJZBlvy40hxwW:a0FGwBwoFN2aDSw09 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ee66919dc0d21ab5 |
|
VISUAL
aHash
|
ff8181a18181ffff |
|
VISUAL
dHash
|
584f6d4d47716900 |
|
VISUAL
wHash
|
ff8181818100ffff |
|
VISUAL
colorHash
|
07230008000 |
|
VISUAL
cropResistant
|
584f6d4d47716900,cecc48cc3abe7060,c0c2d28bafd2cac0,ecf1f151754c8826,fffffff7e6fedfdf |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 17 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain