Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14602C7775A700C0A6263CEA4F915B71D51D6E24FC8A74580F2F85AAA6AC2EF8C4C7435 |
|
CONTENT
ssdeep
|
96:tlAY5rX4+cZX7jLMuLZ+vH+xUJ72fwI9zLk3L5es1lht8Fd95chP:nAY6X7HuvlZOwIRLk3L5ZhxJ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e67a196e623b622c |
|
VISUAL
aHash
|
00ffffffffffffff |
|
VISUAL
dHash
|
410028082c0c1000 |
|
VISUAL
wHash
|
0040000007073f3f |
|
VISUAL
colorHash
|
07c00000000 |
|
VISUAL
cropResistant
|
001008082c0c1000,0080414545418000 |
• Ameaça: Coleta de credenciais
• Alvo: Visitantes
• Método: Barreira de senha
• Exfil: Envio de formulário JavaScript
• Indicadores: JS ofuscado, campo de senha
• Risco: Médio
The site uses a password wall to capture user input, likely to test credential stuffing or verify active users.
Uses encoded JS to obfuscate the destination or exfiltration logic.