Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B962972196C6663706B713801BC2FB2FF7C88285E5230EC9D5FD8B4A9AC9DE4DD71216 |
|
CONTENT
ssdeep
|
384:xad144ClI/fqv+oVOzblgFiFt9xxhFjHT:u4462c0bciFrxxrz |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c79c879525b53534 |
|
VISUAL
aHash
|
3e3c0000002c7c7c |
|
VISUAL
dHash
|
6869964002c8c0c8 |
|
VISUAL
wHash
|
ff3c0000007e7e7e |
|
VISUAL
colorHash
|
38003008400 |
|
VISUAL
cropResistant
|
6869964002c8c0c8 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 16 techniques to evade detection by security scanners and make reverse engineering more difficult.