Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1ABC285243165197E620746E1F2D1AB7DA0FDD74BD9278C28F3FC11A72BCACE89607254 |
|
CONTENT
ssdeep
|
768:U38g/T0OmnjI48g/T0OmnjIzCsqARAqAooRUHN:48g/T0OmnjI48g/T0OmnjI2sqA+qAW |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b250cbc98f747c8a |
|
VISUAL
aHash
|
00000000ffffffff |
|
VISUAL
dHash
|
59cd1c1c77bf4c69 |
|
VISUAL
wHash
|
00000000ffffffff |
|
VISUAL
colorHash
|
13003000088 |
|
VISUAL
cropResistant
|
6cff77288c4e6969,1159cdcdcd0c1c1c,fffffff3f3ffffff |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 444 techniques to evade detection by security scanners and make reverse engineering more difficult.
Drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
| ID | Português | Inglês | Trigger |
|---|---|---|---|