Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E1D1FAB28449A93753A3C3E9B6B1B35BB782C689CA87054A90F6D31D1FD3DA0DC12256 |
|
CONTENT
ssdeep
|
96:i4NkwOKQlDX2dHUnoGyPs44mGjZzmn7K4yYeyN4q0w2mzClPhUbTuGWVBrGobukL:iGkwnM7InFbOa7xpcTBrRH |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fe7e5ea161616980 |
|
VISUAL
aHash
|
809c8080ffffffff |
|
VISUAL
dHash
|
3334340320202024 |
|
VISUAL
wHash
|
80808080c0c0c4c4 |
|
VISUAL
colorHash
|
070020001c0 |
|
VISUAL
cropResistant
|
3334340320202024 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 11 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain