Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1735177638108DD3B9260C0D8E570636D5ACD828E97470B59D6EC437D31DA5FACC2EDC4 |
|
CONTENT
ssdeep
|
48:cm6lvQW2Q1RmHDQeMhzwMnpWWUf1s9cKtub8CXSL5fh6qLv:c5RdxwMiqOKtuXoNhhv |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f6c88d7337d88922 |
|
VISUAL
aHash
|
f0f0e0c1e5838307 |
|
VISUAL
dHash
|
000101030d160b15 |
|
VISUAL
wHash
|
f0f0e0f9c3c38707 |
|
VISUAL
colorHash
|
07002008080 |
|
VISUAL
cropResistant
|
000101030d160b15 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 25 techniques to evade detection by security scanners and make reverse engineering more difficult.