Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CE7381319024A93B02A792D4E3746B9FB2D18386CB230BC473F483AD9FD7D94DD66598 |
|
CONTENT
ssdeep
|
384:jboy4xBeJhyj7X0jcxJe27gs8bDOKNhYCE0F12fpLB9W6LbNBgTXZKaSmDogf0X2:Z6/CE03ajWJH/tA2UZ3Pv2JF |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ad05faca02f5d2e8 |
|
VISUAL
aHash
|
ff01000001ffff00 |
|
VISUAL
dHash
|
aabfb2f6570b1617 |
|
VISUAL
wHash
|
ff03020203ffff11 |
|
VISUAL
colorHash
|
07c00048000 |
|
VISUAL
cropResistant
|
aabfb2f6d7f30616,cf9fb1bffb675b7b,4200404000001204,0008303030100000,0001050505110031 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 55 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain