Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DB83952503841E3E961386E8F6F47338527ED298E22B995DF2ED01B217C6D4ADA337D4 |
|
CONTENT
ssdeep
|
768:R9kpEDl397ADVzZmnhJ4l4Y9T2BCAMQ2E1sbMiUCgR2ulmg2l77oQHBgcqfWDRh4:4pEDNekQLHnG8EYn2p |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8f8af162d938ce0e |
|
VISUAL
aHash
|
ff001000000000ff |
|
VISUAL
dHash
|
21ed626262621802 |
|
VISUAL
wHash
|
ff3f3e18103000ff |
|
VISUAL
colorHash
|
01010000c00 |
|
VISUAL
cropResistant
|
010601290b310080,00212a0202000000,004020c6c4e4e631,d165626262626060 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 91 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
Found 1 other scan for this domain