Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10093733563880A2EA517C6A8F7E17739926ED249E22BDD1DF3AD01B31383C54DA732D4 |
|
CONTENT
ssdeep
|
768:8qGqUayHFwInKEmcml2UyPWGahAG7ZFwkGel37brjBHfkKwZFdlm3m2LoXqNVWZ7:tBKEMYBm5HAG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ea03bf02d568d13e |
|
VISUAL
aHash
|
ff0000000000d9ff |
|
VISUAL
dHash
|
51cdc3c1e7cc3333 |
|
VISUAL
wHash
|
ff2040700061ffff |
|
VISUAL
colorHash
|
01000000180 |
|
VISUAL
cropResistant
|
d2d20e0161414199,3333333333c8a2c8,02420ed2d2d22e42,ccc5c3c1e5c58b33 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 27 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Found 1 other scan for this domain