Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B3633FB340C36577D3B2AFDA92DC3F2EE3C14A5ACA224645DEA6438C4BF5D72E511028 |
|
CONTENT
ssdeep
|
1536:1QCkHkSd/8oRwtSD/8bRhLhe4SgmehSIoewS1a/tEse4zR/aSaTqezSMde7SM16q:1QCNu/8oREk/8bRhz18ka/KWR/abRgfB |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b843131e6b3cc3bc |
|
VISUAL
aHash
|
0000c3c3c3ffcfff |
|
VISUAL
dHash
|
dad816332b37361e |
|
VISUAL
wHash
|
0000c3c3c1ffcbff |
|
VISUAL
colorHash
|
07007000080 |
|
VISUAL
cropResistant
|
9617332b3336360c,d847b8d8d72ad4d4,43234a795d5a3919,e84e72333272ecfc,e85454317054dcfc,e179f8ec7879f2f6 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 964 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 3 other scans for this domain