Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CF61CC39A101A9B351CBD2E1BBF0975F7B9282C5EE53274253E4C36D4BD5D98CD04171 |
|
CONTENT
ssdeep
|
96:TVo9ALGMcUvE3yAuNgii2gQygWvg5J/R9TO:y9d+vJAuKiilQBWY5BRM |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f3866633cc66c899 |
|
VISUAL
aHash
|
e7e4fce4fce4e4f8 |
|
VISUAL
dHash
|
28282808184c4c30 |
|
VISUAL
wHash
|
e6e4f8e0e8e0e0f8 |
|
VISUAL
colorHash
|
070000101c0 |
|
VISUAL
cropResistant
|
28282808184c4c30 |
• Ameaça: Phishing
• Alvo: Usuários de um repositório de documentos
• Método: Solicita endereço de e-mail para acesso.
• Exfil: Javascript Obfuscado, provavelmente para um servidor backend
• Indicadores: Formulários detectados, envio de formulários JavaScript, marca genérica, solicita informações confidenciais.
• Risco: ALTO
The site uses a form to collect the victim's email address. This information is then likely used for further attacks like password resets, account takeover, or spam campaigns.
Malicious JavaScript code obfuscation hides the true intent and capabilities of scripts to make it harder to detect and analyze
Pages with identical visual appearance (based on perceptual hash)