Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10D7209F20500E9BA46078AF9DBE1FB58216FD14EDA1B0500A7FE87E513C7DE2ED29059 |
|
CONTENT
ssdeep
|
192:NWU+7WfV9PDJ7tn6WXk9OMuMZUqhGpqhkiqhLJ7t5j+v+CyJ6umDa8wzXTOlnTa0:NWU+7WzPDqW86CTQkip9GyJWW8wHOln3 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b33c8dc7cc3330cc |
|
VISUAL
aHash
|
1f1f07c7cf072f0f |
|
VISUAL
dHash
|
febc9d88ac8acafc |
|
VISUAL
wHash
|
0f1f0707cf070f0f |
|
VISUAL
colorHash
|
07000000006 |
|
VISUAL
cropResistant
|
febc9d88ac8acafc,50888a8a8a8a8a8a,45012b13960e4d6d |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Malicious code is obfuscated using 150 techniques to evade detection by security scanners and make reverse engineering more difficult.
| ID | Português | Inglês | Trigger |
|---|---|---|---|
Pages with identical visual appearance (based on perceptual hash)