Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A133A77291142837616F76D9F464B31AD2D3D70ECA4346E1A1F8A3AA0FDACA1FC1741E |
|
CONTENT
ssdeep
|
768:7JsXWESrFL7Cz2s7282/W1S2o2C2A2482/WdS26/x9bBbJbvbLbibeb63Pbdk5ji:7JsXWESr9U7IWsWah5TXo8c8BiEBg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f4aad323559a5c2c |
|
VISUAL
aHash
|
66e7d3ffc3c3ff7c |
|
VISUAL
dHash
|
ca89b63806164994 |
|
VISUAL
wHash
|
0264d3dfc3c3ff00 |
|
VISUAL
colorHash
|
070020000c1 |
|
VISUAL
cropResistant
|
ca89b63806164994 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 317 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 2 other scans for this domain