Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DE2349726732B8B843DB91EEB73C2D56B2D2988DF8C74550B5C95A8D13C3C812297BB4 |
|
CONTENT
ssdeep
|
768:aE4a+EsZx8/G8Qc4QGDawIM2BhwgM2BQwZCN2/y9dGDTDiJE56ITmH+LCBlvNPqR:aE4a+EsZ/8QnQGDawIM2BhwgM2BQwcNc |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e969929696f8190f |
|
VISUAL
aHash
|
fff9199939ffffff |
|
VISUAL
dHash
|
c533333352420000 |
|
VISUAL
wHash
|
f001010101ffffff |
|
VISUAL
colorHash
|
07008000c00 |
|
VISUAL
cropResistant
|
c533333352420000,630783d975370f4c |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 17 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 3 other scans for this domain