Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19173527011815ABB02C342D1F772AB99E2848385C7278B69B3FC825B9FCED45DE95261 |
|
CONTENT
ssdeep
|
768:O/HOZ4OWo8SfpeSpaV/8W4+gnKXQjYh+8szGZfjxUg4e:NyOW7SfpeSpaV/8W4+SICGzUg4e |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
98d56728989667d3 |
|
VISUAL
aHash
|
00003c3c3c198100 |
|
VISUAL
dHash
|
b14d68b0b1330533 |
|
VISUAL
wHash
|
0085fefe7f998181 |
|
VISUAL
colorHash
|
30000010280 |
|
VISUAL
cropResistant
|
2a080c0a4e0e0c4a,b14d68b0b1330533 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 597 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Portugués | Inglés | Trigger |
|---|---|---|---|