Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E153C811C781166510A792D9FBEB6B12D17041DCE701AA19EBACC77E32CFD58E7322D8 |
|
CONTENT
ssdeep
|
1536:4JbWBLwNjbqvGGf9gnQgzs9c09Yq0yrweeSeee0eee17/47ylJ9maMKjhUrWXp+t:4J7/q1VxgzycaD0yr87/Q+vmlcpsSpBs |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ac6cc6c7b693b230 |
|
VISUAL
aHash
|
c381818383c3ffff |
|
VISUAL
dHash
|
272333333733233c |
|
VISUAL
wHash
|
c381818181c3ffff |
|
VISUAL
colorHash
|
0e203010000 |
|
VISUAL
cropResistant
|
272333333733233c,e3e1f0f0f0fa55f3 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 68 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 10 other scans for this domain