Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C2412FA080AC99370183E1D177B62F59B7E086A9C6163E08C1FCD3DD5FEEE44CC129A5 |
|
CONTENT
ssdeep
|
24:nF8CciG7KM6yn/HGWLpAaFdR2nilM/blTj4cg6MedNElFct4BG:n2ixMdeml2nikAL+a1BG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cecc3133cecccc23 |
|
VISUAL
aHash
|
0000383830380000 |
|
VISUAL
dHash
|
0008646460600800 |
|
VISUAL
wHash
|
303038383f3f0f0e |
• Threat: Credential harvesting phishing attack
• Target: Microsoft users
• Method: Fake Microsoft login page hosted on a free platform to steal credentials.
• Exfil: Likely to a remote server or a compromised email account.
• Indicators: Free hosting, Microsoft branding, login form.
• Risk: HIGH - Immediate credential theft
Pages with identical visual appearance (based on perceptual hash)