Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17C82B93510045B6F0783A2F16E37579B2F82A1A5FB530A8D97F0CB8AFFDAD548935182 |
|
CONTENT
ssdeep
|
192:EQSke9YeoVeXBwAJE+Ab/6qZZhWz9QGtHCtNzap+bycN+Qbb50l:nSke9lUyBwyfEhw4N2p+byo+cb5s |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
925c6d73921c6d33 |
|
VISUAL
aHash
|
0000307e6e600000 |
|
VISUAL
dHash
|
f4c1c3ccccc3b5c7 |
|
VISUAL
wHash
|
0230707f7f733307 |
|
VISUAL
colorHash
|
08007000000 |
|
VISUAL
cropResistant
|
b5aba8b8a96a4c45,f4c1c3ccccc3b5c7 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain