Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12D3393319084AA3F02D393D5BB71AB5AA394C341CA530B5A23F9931E5FC3C95CC63B16 |
|
CONTENT
ssdeep
|
768:W2aLjSpqZyNOEeulcXExU2nVuY/UE+uYGUsduYkU2R/LgYoYDA5FnlYwfUpx99MV:1aQqEsEeu/X0gY3mRPf4x994 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8cec67248ccce7a6 |
|
VISUAL
aHash
|
ffffffff18000000 |
|
VISUAL
dHash
|
16680cb2b24c7058 |
|
VISUAL
wHash
|
ffffff7e18000000 |
|
VISUAL
colorHash
|
1a007000000 |
|
VISUAL
cropResistant
|
a2a28a86a0969682,16680cb2b24c7058 |
• Amenaza: Fraude de inversión financiera
• Objetivo: Usuarios de Asset Trade Inc
• Método: Portal de phishing con JS ofuscado
• Exfil: Envío basado en JavaScript
• Indicadores: Técnicas de ofuscación y falta de presencia corporativa verificable
• Riesgo: Alto
The site uses obfuscated JavaScript to capture user inputs via login forms and exfiltrate data to an attacker-controlled endpoint.
Posing as a trading firm to solicit deposits from users through a fake dashboard.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain