Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1AA7166318010193753135DDBE8E29B1E51CF8316D60974A0EAB587DBDBEAED05E27B0B |
|
CONTENT
ssdeep
|
48:TG6tIk3shkZ3lAdUgaY0AZyOL42qEle0mSEJx4E0V1IaRaY0AZyO7OGJLsf:TG6b3shCdtYtZy2SOVmdJx4dwYtZy3WC |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
af2f85807a7a78d0 |
|
VISUAL
aHash
|
ffff000081ffffff |
|
VISUAL
dHash
|
e8804d454d80e8e8 |
|
VISUAL
wHash
|
7e7e000000ffff3c |
|
VISUAL
colorHash
|
06000000038 |
|
VISUAL
cropResistant
|
e8804d454d80e8e8,0000081010080000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 16 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Portuguese | English | Trigger |
|---|---|---|---|