Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1FAD219B153645C2C60B3C594EFA27F5A331EC286EA47064493EC963BA9CBCD5FD12A84 |
|
CONTENT
ssdeep
|
384:QYTsF0kD7vgB7s7O65+/7nbYbQySwHiWieowmqbpe5T8V6b6dmUgRNgRwRZ+oR2:QYAFPr265+PwRZpe5TIhgRNgRwRgoR2 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
807df4c06b1e14fe |
|
VISUAL
aHash
|
f8ff0f193d3f3fff |
|
VISUAL
dHash
|
90c274fbebd46000 |
|
VISUAL
wHash
|
70f00d00193f1fff |
|
VISUAL
colorHash
|
00000000e00 |
|
VISUAL
cropResistant
|
90c274fbebd46000,c2d18a0bd2167554 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 43 techniques to evade detection by security scanners and make reverse engineering more difficult.
Found 1 other scan for this domain