Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15C0262B031211EBB6167C9F0B7D16B4B92D5F75AC6A3594053E8436A3BCBCE0DE26321 |
|
CONTENT
ssdeep
|
96:g7mhlhw2ipTYQvT9YFOhwuipaYzhUA9YF7+CkVd5Bz3XY7qfxzrhD3WXEwXWXFJt:Lz+plvz6pDhUlihnhfVrhLtcVGbhlf |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b173ce8c1058dfb1 |
|
VISUAL
aHash
|
ffefcd484f7fffff |
|
VISUAL
dHash
|
809b99999999860e |
|
VISUAL
wHash
|
7fc9c840406f7bc3 |
|
VISUAL
colorHash
|
07202000080 |
|
VISUAL
cropResistant
|
809b99999999860e,001020b2b2320800 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 10 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain