Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T195D131300345AC2F6463C5E4A3F2677B62AAC245D7431B1886FC836C4BDAE96EC77664 |
|
CONTENT
ssdeep
|
96:T7DEdiUy6zAlWrO2zdaotkR9zmDkAzbbkkzwV3dJKS5dt:wd3y6zAlWrfOmkAzbbkkzmtAS5/ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
be1ac36998b66592 |
|
VISUAL
aHash
|
3c3c308f8fe1e7e7 |
|
VISUAL
dHash
|
617165353f270f0e |
|
VISUAL
wHash
|
3c3c108f9f81e3e6 |
|
VISUAL
colorHash
|
07000000c00 |
|
VISUAL
cropResistant
|
617165353f270f0e |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.