Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D98111319258983F988387ECF3A0FF1B268782A9D7421955B2FDD79A8BC6D51CE0059C |
|
CONTENT
ssdeep
|
48:QsCeNmTNMgr4SXUpoDo9yZ1H+P9QlqIXeQZfEkQSqMOT97EAdHw0LKZrxH2ADfxl:UWFyWYeQdEylhAqZ9it0NqM |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d71a552e770a5532 |
|
VISUAL
aHash
|
00ffffffe7fffffe |
|
VISUAL
dHash
|
281018304c0c110e |
|
VISUAL
wHash
|
000c3f3fc0fcf8e0 |
|
VISUAL
colorHash
|
070000180c0 |
|
VISUAL
cropResistant
|
209810384c00010e,00000288988c4208 |
• Amenaza: Potencial recopilación de datos si la página está comprometida, pero coincide con la marca
• Objetivo: Clientes de Aruba.it que realizan pagos
• Método: Formulario de pago que recopila datos de tarjetas de crédito
• Exfil: Datos enviados a hassan2.php
• Indicadores: Dominio no estándar, pero posiblemente legítimo.
• Riesgo: BAJO - Requiere investigación para confirmar la legitimidad, posible recopilación de datos si es malicioso
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)