Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B47284337105313F1EA311C1ABA1234DB3B74489EA0119A8CAFD93AE0BD9D4EFD76559 |
|
CONTENT
ssdeep
|
384:p0wsIIkvYKVkTtUo4xC2O8k/hVWJbT8jDE:pIIITKVkTtEdoVWJh |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e527ef12bc12ec12 |
|
VISUAL
aHash
|
003121017f7f00ff |
|
VISUAL
dHash
|
ccc7c7c7fed4ec23 |
|
VISUAL
wHash
|
007171013fff10ff |
|
VISUAL
colorHash
|
01000030000 |
|
VISUAL
cropResistant
|
49496ab2a6aaaad5,4e4e9e94b495d9db,adb3aaeeacecb4b5,c3e3c7c7e3effff0,d9d99995914b6a6f,e32ae6c4d4e4e4e6,0000000200272727,c4cfc3e7c7e7eff8,2ad5d4dc66243000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.