Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14AC30BF191B195BB0193D3E5F33A776A329351FADB834B8242E4EF844F8AC54EC26584 |
|
CONTENT
ssdeep
|
1536:zJvchASIi608kQiboKzOgi4T6qU6J6D6U6W6SC6q6bb6Kk6+616xAxPE+:zJvchRpn8KzOZiahxf |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b9394e46193b4b59 |
|
VISUAL
aHash
|
00dfc9cfcfffffff |
|
VISUAL
dHash
|
7912939b92422bc3 |
|
VISUAL
wHash
|
00cbc9cbcb8b81fb |
|
VISUAL
colorHash
|
07000200030 |
|
VISUAL
cropResistant
|
7912939b924a3bc3,a3b21c52d2727242,041a5a7a3a1a5a04,ccd0f0d4e444d079 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 5 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain