Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14DA2F9D05456B93F929B43C6E673AA095AB78382F7132428CDFA4B1E17E2D40CF9F254 |
|
CONTENT
ssdeep
|
384:YYwIImTwGkpInsuRL3ySSI+tpUQc9Pwiyc1+PePKYaCtPHN7S8ARRH9sB6ljWnW:gIImTwGkpIsuRL3ySSI+tpUXYDI+WOCC |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8752ad718652e579 |
|
VISUAL
aHash
|
06002074242000ff |
|
VISUAL
dHash
|
d43bc9cdcddb3966 |
|
VISUAL
wHash
|
2600607c7f6703ff |
|
VISUAL
colorHash
|
000000001c0 |
|
VISUAL
cropResistant
|
868e6474b0b179c1,6266664628460000,d43bcbcdcdd93966 |
Fake Pusulabet site positioned to capture victims through SEO tactics, typosquatting, or paid advertising. Serves as entry point for multi-stage attacks including credential theft and malware distribution.
Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.