Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CAC3C77A683C1533562B4AE7B1A23F2D24B6F28ECF53084479F887D807E3C65E66E505 |
|
CONTENT
ssdeep
|
768:GlrppeY0JPLmGM1a0m+XiRmOFYs6dYWZABYUXyRXMHi7iQFxJhxLmjlkOcJM8dY5:Glr/F0dLtFOtJLVe |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8ed85d254b72b362 |
|
VISUAL
aHash
|
0038df3c337f0018 |
|
VISUAL
dHash
|
31b0a9a9c6ea7171 |
|
VISUAL
wHash
|
003cdf7c3d7f003c |
|
VISUAL
colorHash
|
38400000180 |
|
VISUAL
cropResistant
|
31b0a9a9c6ea7171 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 665 techniques to evade detection by security scanners and make reverse engineering more difficult.