Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1365110F1C274D73F62E3D3CD56A2A77A32D3964ACF8A13695BE847944EC2C90EC52091 |
|
CONTENT
ssdeep
|
48:bIaWZG3aUVwQ8UNaKK43tw7vATcuREqn8N:dWc3TLNaetyAoumQ8N |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e69999666699338c |
|
VISUAL
aHash
|
ffffe7e7e7e7ffff |
|
VISUAL
dHash
|
0c324d4d4d4d300c |
|
VISUAL
wHash
|
c0c0c0c003032333 |
|
VISUAL
colorHash
|
07000430000 |
|
VISUAL
cropResistant
|
0c324d4d4d4d300c |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 47545 techniques to evade detection by security scanners and make reverse engineering more difficult.