Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13CB197767380267A06C38BB2F7526FB9A268CBA9C5338A79F1FD815553C2D048F41761 |
|
CONTENT
ssdeep
|
96:nzx28/wzjb3MGXAMA3i1zGAg07Atrmpqfs2phu:928BGXA1qTg0cxmpqU+u |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8d71718d639d2595 |
|
VISUAL
aHash
|
03003e3f3f3f1f00 |
|
VISUAL
dHash
|
aaf3f4f1e37372d2 |
|
VISUAL
wHash
|
03003f3f3f3f3f00 |
|
VISUAL
colorHash
|
000022000c0 |
|
VISUAL
cropResistant
|
a2aa229e962292a2,da5a2999a58dabaa,db7b6791a499a5a4,2b2b55556953556b,9d9d528c2b6aacad,fefefcfcf8f0e0c0,c0c0e0e0ecf0f0f0,aaf3f4f1e37372d2 |
• Ameaça: Phishing
• Alvo: Usuários da Exodus Wallet
• Método: Imitação via hospedagem gratuita
• Exfil: Provavelmente credenciais do usuário ou dados da carteira (não detectado)
• Indicadores: Hospedagem gratuita, logotipo da marca, ofuscação
• Risco: Alto
The attackers are trying to impersonate Exodus Wallet to steal sensitive user data such as private keys and seed phrases. They are using a similar visual design on a look-alike domain.
The attackers may use deceptive wording and visual elements to trick users into trusting the site and entering their credentials.