Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14EF274911C8464785B2B0BCFAB1B689FF143D99EDAEE119120C409E5C7F367D036BE46 |
|
CONTENT
ssdeep
|
768:w4ZU4ZX9xy5E4wOGbamJxY0qtQxmaSUO5iaBehoHvKVBstPFVA0X4te4QD4C54Na:wXG9xy5JwOGbamJxY0qtQxmaSd5iaBem |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83d9aa59b66adc22 |
|
VISUAL
aHash
|
fffffff7261800e7 |
|
VISUAL
dHash
|
eaf8f0ccccf0abab |
|
VISUAL
wHash
|
7e7efee7040800e3 |
|
VISUAL
colorHash
|
07000180000 |
|
VISUAL
cropResistant
|
eaf8f0ccccf0abab |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 71 techniques to evade detection by security scanners and make reverse engineering more difficult.