Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1287381319024A93B02A792D4E3746B5FB2D18386CB230BC473F483AD9FD7D94DDA6598 |
|
CONTENT
ssdeep
|
384:jboy4xBeJhyj7X0jcxJe27gs8bDOKNhYCE0F12fpLB9W6LbNBgTXZKaSmDogf0XW:Z6/CE03ajWJH/tA2UJ3Pv2JF |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
a414fae92ba9cad8 |
|
VISUAL
aHash
|
ff00000200ffff00 |
|
VISUAL
dHash
|
233ef4e6f60b1617 |
|
VISUAL
wHash
|
ff02020300ffff99 |
|
VISUAL
colorHash
|
06e00010000 |
|
VISUAL
cropResistant
|
02360e34f4eee6d6,920016070e171700,162cb4ece6e6d6fa,7f366c5042401d00,0008303030100800,0001050505110031 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 55 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain