Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B5D1A531821C563B468BCA80E4F3AB9A75D6C34EC31B6DD4BFEC26676BC9DB14A84014 |
|
CONTENT
ssdeep
|
96:XMdtFMdj0HqtoI6BAZ6CIbOL/gABdJCEzc6qp7Ecc6qmWUhmpb79p/XKOr:XMJY0rBAyOL4srCEQdExNUhSPzxr |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e497434a3c345b8f |
|
VISUAL
aHash
|
f0f0f0f0f0f0f0f0 |
|
VISUAL
dHash
|
2424662626242426 |
|
VISUAL
wHash
|
f0f0f0f0f0f0f0f0 |
|
VISUAL
colorHash
|
06c00080000 |
|
VISUAL
cropResistant
|
12001a0a0a0a020a,4849514bb16d6f77,903478707c707038 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 35 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Portugués | Inglés | Trigger |
|---|---|---|---|