Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1BE3276A35144601E612B8ACB9E15AB6C32F730BFE5FB0541FBED87C4DBAAC50ED05844 |
|
CONTENT
ssdeep
|
192:WC6U2222O5400UAAqRZ6sOTi9sTkRi+BShlOY4003AAqRZ6WWNcNlTOB8VMc:sO0YRZ6C9sqE80BRZ63GlTgzc |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92926d6d64929ee5 |
|
VISUAL
aHash
|
7e2c2e6c00180000 |
|
VISUAL
dHash
|
f4d8cdcdd970b270 |
|
VISUAL
wHash
|
ff7e7c6c003c1838 |
|
VISUAL
colorHash
|
31000038000 |
|
VISUAL
cropResistant
|
f08047cf86c79b36,8e37796b677965f0,f4d8cdcdd970b270 |
• Ameaça: Kit de phishing para roubo de credenciais
• Alvo: Usuários do PenguJak internacionalmente
• Método: Promoção falsa de airdrop para roubar dados de usuário
• Exfil: JavaScript ofuscado detectado
• Indicadores: Domínio recente, domínio não coincidente, oferta limitada
• Risco: ALTO - Possível roubo de dados e perda financeira
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain