Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EFD11EA74018082E363346DCE126739A70A3B35DCBA6090CD2ACD37747EDEA7B967C55 |
|
CONTENT
ssdeep
|
96:T4J1tUbOw7NSr7Z+xAkERYmR94uj82Sgz5fLZETh+hvb5uLG:0J1tUbB7IjXHDX5f9ETh+hMG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ecc7933886306ccf |
|
VISUAL
aHash
|
fff3f3f3f3c3c3ff |
|
VISUAL
dHash
|
1826862626868641 |
|
VISUAL
wHash
|
ffa181a1918181ff |
|
VISUAL
colorHash
|
06180000080 |
|
VISUAL
cropResistant
|
1826862626868641,242424a6e4446181 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 22 techniques to evade detection by security scanners and make reverse engineering more difficult.