Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17013E7206211B72A9C334F34F38934B6D1DE9345D9E6782DB3A9526231E3179CB4BCE9 |
|
CONTENT
ssdeep
|
768:kmA0wA3SnAAXKRYPAhPVLRR3E4tK/8SPtPfPWOgPvSqAPRq8Z7U1c/jPYrPWSPE6:kmA0wA3SnA+KRBff3E4tKErSRq8Z7U1V |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e531989a67679a98 |
|
VISUAL
aHash
|
cfc3c3c3e3ffffff |
|
VISUAL
dHash
|
111e164e0e000060 |
|
VISUAL
wHash
|
00c3c3c3c0fcfc9c |
|
VISUAL
colorHash
|
07008000c00 |
|
VISUAL
cropResistant
|
111e164e0e000060 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 394 techniques to evade detection by security scanners and make reverse engineering more difficult.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain