Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1ED41D1305019BD739113E2F8BBE06E8B21D7C705C78A294A93F493991EE6C4CDEA2259 |
|
CONTENT
ssdeep
|
24:km7IkWG0vsJhhzR/RxJzr6gVD7VyUylMxnPXMxnf9CqKbasJFJpqqkyW1A:+kKUJhhzJRnqOVyUyyxnP8xnYq1yW1A |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83fe6d0103039bfe |
|
VISUAL
aHash
|
3f3f3f3f3f3f3f3f |
|
VISUAL
dHash
|
d0c6ccccd0d0d0d0 |
|
VISUAL
wHash
|
3f23272730303030 |
|
VISUAL
colorHash
|
060000001c0 |
|
VISUAL
cropResistant
|
808c989880808080,f184acb6b6ac84f3,0e71710e20000000 |
• Ameaça: Phishing
• Alvo: Usuários do Outlook
• Método: Coleta de credenciais
• Exfil: Desconhecido (Web3forms)
• Indicadores: Imitação, formulários, incompatibilidade de domínio
• Risco: Alto
The attacker aims to steal the user's Outlook credentials (username, email, password) through a fake login page.
After the user submits the form, data may be sent to an attacker-controlled server (Web3forms is used).
Pages with identical visual appearance (based on perceptual hash)
Found 10 other scans for this domain