Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Type | Algorithm | Hash Value |
|---|---|---|
| CONTENT | TLSH | T19E23B433D295CA720D8746CCF2D0E718269A834BBB3215CDB7D092BBA78DDE5942538C |
| CONTENT | ssdeep | 768:R36CufFQcNcKcPcRc+cJZO4DifSpO9lFW60i4zcAIXyob13Rb4FW62iyLJcAIQ+v:B968pOlFW+dBOFWBOnAR70 |
Used to detect visually similar phishing pages based on screenshots
| Type | Algorithm | Hash Value |
|---|---|---|
| VISUAL | pHash | c81ea3709fa07e63 |
| VISUAL | aHash | 0000001818c1e37e |
| VISUAL | dHash | 960915b2311796d0 |
| VISUAL | wHash | 5a00183898c3ffff |
| VISUAL | colorHash | 31000000000 |
| VISUAL | cropResistant | 960915b2311796d0 |
• Threat: Phishing (Crypto Drainer)
• Target: Bulk Network users
• Method: Reward-claim incentive for wallet theft
• Exfil: Obfuscated JS to an external C2
• Indicators: 'Claim Rewards' button, JS obfuscation
• Risk: High
The site prompts users to connect their Web3 wallet (e.g., MetaMask) to claim rewards, subsequently triggering a malicious transaction request.
Uses deceptive UI to mimic official project branding and capture user trust.