Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Type | Algorithm | Hash Value |
|---|---|---|
| CONTENT | TLSH | T1D64274353E400657628786E2FBD2E75DA26C874BC7229D89F3FE158237C2D988F46316 |
| CONTENT | ssdeep | 96:TVbRTNLXO118axJkgfB7k3ITjuOP3xS6zdk6WjV19DpzTizuBGDKTknrPehT/jBL:dX+1z5WjV19szuBGjnrNbi9/KtHFA |
Used to detect visually similar phishing pages based on screenshots
| Type | Algorithm | Hash Value |
|---|---|---|
| VISUAL | pHash | f505ca7acfa94285 |
| VISUAL | aHash | 000202828281ffff |
| VISUAL | dHash | c1e486060e2f3b40 |
| VISUAL | wHash | 00064682c3c7ffff |
| VISUAL | colorHash | 32c00010000 |
| VISUAL | cropResistant | f3c9e8647232f807,26061a272f3b6101,c1e4e686060e2d3b,0000404000000000 |
The victim enters a username and password into a fake login form. Credentials are captured via JavaScript and exfiltrated to the attacker's server in real time.
Malicious code is obfuscated using 440 techniques to evade detection by security scanners and make reverse engineering more difficult.
The drainer supports multiple blockchain networks and checks for high-value tokens on each chain before executing drain operations.
| ID | Portuguese | English | Trigger |
|---|---|---|---|