Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13163FA9A2455701A076380D394BB2B4AB379182FF92805E1A4B4CBF572B8CF5316BF5F |
|
CONTENT
ssdeep
|
768:YyWuP1Ws/uy95URfvQjwqI/utR8n+U+6vqLcU0l/Cb5QLMX1n7X8Uq+X5PgTUPJq:Fv15yOloQzZs8oWQbp |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
818cf24de396332f |
|
VISUAL
aHash
|
7e1f1f1f09000eef |
|
VISUAL
dHash
|
f8f1fdddd3ca3c59 |
|
VISUAL
wHash
|
3c1f1f1f01020fef |
|
VISUAL
colorHash
|
07600010200 |
|
VISUAL
cropResistant
|
fcf1fdfdfdd3cbde,a202c44b53512292,18a649494958181c,f8f0f5fdd7d3cabc,45452b98c42b5501,f67c1f87c1b0a0c9,a74b8b9329294949 |
• Ameaça: Kit de phishing de criptomoedas
• Alvo: Usuários de carteiras Trezor
• Método: Página falsa de download do app Trezor Suite
• Exfil: Dados enviados via JavaScript ofuscado
• Indicadores: Hospedagem gratuita, JS ofuscado, domínio não coincidente
• Risco: ALTO - Possível roubo de credenciais de criptomoedas
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain