Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D4F1D79B6286A6310A9343DEB72BC3AE7265C009D513034925FC833C97E5DC5EE27AC7 |
|
CONTENT
ssdeep
|
96:THioeuLhmkWiD9916GIcU6AboX3IHeWSyMnpe0RUmXG8Oj8qZzHmIycJA6yo:VLw+6GQRboX3TWKpeFmXG8q8YPD |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc383c6d92c370c7 |
|
VISUAL
aHash
|
8181c7ffff81c3ff |
|
VISUAL
dHash
|
3b3b3fbc06173708 |
|
VISUAL
wHash
|
818181cfff8181ff |
|
VISUAL
colorHash
|
0e007000000 |
|
VISUAL
cropResistant
|
3b3b3fbc06173708,ff7ffcdc6ffdff7f,21007030f4f43045 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.